26a79252b22537ab99fbae1805e95afd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26a79252b22537ab99fbae1805e95afd
Size

454KB
MD5

26a79252b22537ab99fbae1805e95afd
SHA1

2fbec79f36ab3670c498dbcd45c27b11a99d5e2e
SHA256

24ad4e35f69caa28438735004750938e27b185b9b90698c6e7627845d068bc27
SHA512

3da17406f48da726dd56ffb53139996b65ebaf490e8f14c26af560bb8f2ff2ac335b40e791892c099d04e9fa1abcc9aefb60fdf717990ea75d6285e3226c1b16
SSDEEP

6144:LYqt4Rg78h1Kp+dcpcKW6XTHW6PSvhbC7VSU2l/5y6oo5D6MRqKVlRsLH0PDK421:8qtIR1KgKTZ6dop2jy252MlsH0PmyhA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26a79252b22537ab99fbae1805e95afd

Files

26a79252b22537ab99fbae1805e95afd
.exe windows:4 windows x86 arch:x86

c352961af98cd61526dc49e17d7a5943

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
ExitProcess
SetFileAttributesW
VirtualAlloc
ReadFile
CloseHandle
GetFileSize
GetModuleHandleA
GetVersion
SetLastError
IsBadReadPtr
CreateFileA
DeleteFileA
GetEnvironmentVariableA
DeleteAtom
SetLastError
SuspendThread
GetCurrentDirectoryA
GetCommandLineA
SetEndOfFile
HeapSize
EnterCriticalSection
GetStdHandle
FindAtomW
WaitForSingleObject

cryptui

LocalEnroll
LocalEnrollNoDS
CryptUIDlgViewContext
CryptUIStartCertMgr
CryptUIWizImport
WizardFree
CryptUIWizBuildCTL
CryptUIWizExport
DllUnregisterServer
CryptUIDlgFreeCAContext
CryptUIWizDigitalSign
WizardFree
DllRegisterServer

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ