273b26abb6fdf834fceedaa6182cd768 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

273b26abb6fdf834fceedaa6182cd768
Size

1.1MB
MD5

273b26abb6fdf834fceedaa6182cd768
SHA1

a9104f10a3ca7348b4718118d1420ea91be67aa5
SHA256

34fd7a9ffe09d9d9e10fed2d2aec433bf71fa71f4888089e54c7ed8febbb0280
SHA512

676b9090d479371dbe2b00abca55e4e99fd06776b1f89cfce084eac196eee99254a8703cffd7b9802db60eb787b7c00a757dae72efb9522981b395bc5eb85866
SSDEEP

24576:C09lVt6R75zJY+6UaX5hs1EhflewmpULrXdJ4HZAcH1:CWtoN+x1hgw11YAcV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Patch/Patch.exe

Files

273b26abb6fdf834fceedaa6182cd768
.zip
Patch/Patch.exe
.exe windows:5 windows x86 arch:x86

dc73a9bd8de0fd640549c85ac4089b87

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
ExitProcess
FindResourceA
FreeLibrary
GetModuleHandleA
GetProcAddress
GetTempPathA
LoadLibraryA
LoadResource
RtlMoveMemory
SizeofResource
VirtualAlloc
lstrcatA
CloseHandle
CreateFileA
FlushFileBuffers
WriteFile

Sections

.text
Size: 512B - Virtual size: 502B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 472B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 82B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ