2d04dfedfb36ccc7d2acdf9cda0f879f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2d04dfedfb36ccc7d2acdf9cda0f879f
Size

79KB
MD5

2d04dfedfb36ccc7d2acdf9cda0f879f
SHA1

e1b8e3f8947ee6e2cada98259b6352d771e56fce
SHA256

83bcd26b84f18b886aea24f84ca746e315cc486fc2cd9002c0efc770bda5b15e
SHA512

4a3e72ba9b33308b0e6f38cab6fa146f8acbb159a2bf3ffe727f97fe7e919247c31b41b95615620ca554c02f34fa0ad0ea933e0355570bd399826dbcaedbf898
SSDEEP

1536:un0+tVJO6AC/oVcwwcyEiXwWIdoCt/PMxXtzVE:un0+86B/oCwwcyEOwBoCMXZVE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d04dfedfb36ccc7d2acdf9cda0f879f

Files

2d04dfedfb36ccc7d2acdf9cda0f879f
.exe windows:4 windows x86 arch:x86

6072bd0db9f864a4a2e5a6fece4a7135

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindNextFileA
lstrcpynA
GetTempFileNameA
lstrcpyA
SetFileTime
CloseHandle
FindFirstFileA
CreateFileA
GetTempPathA
GetVolumeInformationA
lstrlenA
MoveFileExA
GetModuleFileNameA
FindClose
GetTickCount
GetSystemDirectoryA
WideCharToMultiByte
lstrcatA
DeleteFileA
WriteFile
MoveFileA
RtlUnwind

advapi32

RegDeleteValueA
RegCreateKeyA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA

ole32

CoCreateGuid
StringFromCLSID
CoTaskMemFree

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 71KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE