244e281817b46ffc01e8bfbd0027adff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

244e281817b46ffc01e8bfbd0027adff
Size

34KB
MD5

244e281817b46ffc01e8bfbd0027adff
SHA1

42072c0abc1d011a10187e81522f344e2ead76cd
SHA256

7df2dd3f833711bf7176031d89d49fa31ad0bc903cbfbe31c777d903c4ab8316
SHA512

f30e5669edb41e81b340401ac466080e1293b4dfbd269bca33f8b5c1ff33ea930c846562cea06f83af94cd2fa8f285bb4b29cdf684f4f45575fa9747de709443
SSDEEP

768:No8pka0LESoMl24UoZdGUIiC8OQdQ1Rn+cVDz4EzWcYA:lKaoBl1j0BiCDN+cVDz4EzWi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
244e281817b46ffc01e8bfbd0027adff

Files

244e281817b46ffc01e8bfbd0027adff
.exe windows:4 windows x86 arch:x86

0318be5de917d71a823fb3691b05cd2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
Thread32Next
Thread32First
OpenProcess
VirtualAlloc
VirtualFree
ExitProcess
GetCurrentThreadId
CreateRemoteThread
LoadLibraryA
VirtualFreeEx
WriteProcessMemory
VirtualAllocEx
CreateThread
GetLocalTime
GetModuleHandleA
WriteFile
CopyFileA
DeleteFileA
GetTempPathA
GetShortPathNameA
GetModuleFileNameA
TerminateProcess
CreateEventA
OpenEventA
GetStringTypeA
RtlUnwind
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
GetTickCount
GetWindowsDirectoryA
CreateFileA
GetFileTime
SetFileTime
Sleep
GetCurrentProcess
GetProcAddress
CloseHandle
GetStringTypeW

user32

GetMessageA
TranslateMessage
DispatchMessageA
GetInputState
PostThreadMessageA
EnumThreadWindows
GetClassNameA
FindWindowA
PostMessageA
GetWindow
GetWindowTextA

advapi32

OpenProcessToken
AdjustTokenPrivileges
RegCloseKey
RegQueryValueExA
RegEnumValueA
RegOpenKeyExA
RegSetValueExA
LookupPrivilegeValueA

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RwDat
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE