Static task: static1
Behavioral task: behavioral1
Sample: 425f1ad5f7bda614f9e481b7e24c57b4.exe
Resource: win7-20231215-en
General
Target: 425f1ad5f7bda614f9e481b7e24c57b4.exe
Size: 273KB
MD5: 425f1ad5f7bda614f9e481b7e24c57b4
SHA1: bda3eb04c84f88791a8e4ad98da1f1ae76207853
SHA256: 79f8515c5939f26d4a40c02b6ce6839dc33337bab85315e33c0c22ce46575f41
SHA512: 44a64cd7796d81266442832ea3f3c0b9472a2f29a42bf0b26cd17792a172bba5e4d2fc1f37e5975388533c3b4cc140bd9cff6ef0e79d5ca889d130d2e8f7e325
SSDEEP: 3072:20p4yOucjkzzsgL28KsCv/qIU1mwQmegzIwlrZAIK7Gu/pvKW7eTy5DKP3rr+r0P:z1coHGN/qd1mlYEsIgWlV6+r0Mn8XBx
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 425f1ad5f7bda614f9e481b7e24c57b4.exe
Files
425f1ad5f7bda614f9e481b7e24c57b4.exe.exe windows:4 windows x86 arch:x86
0d6ac40ec41374c67f00ed463d5a591f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetPrivateProfileIntW
GetModuleHandleW
LoadLibraryW
GetAtomNameA
DeleteCriticalSection
FreeLibrary
GetVersionExW
FindClose
LockResource
GetProcAddress
GetModuleFileNameW
FindFirstFileW
GlobalSize
LoadLibraryA
Sleep
MultiByteToWideChar
EnumResourceTypesW
GetTickCount
GetDllDirectoryW
MulDiv
lstrlenW
WritePrivateProfileStringW
GetPrivateProfileStringW
LoadResource
GetVersionExA
InitializeCriticalSection
GetLocaleInfoW
shell32
DllGetVersion
CommandLineToArgvW
SHGetFileInfoA
ShellExecuteExW
SHBrowseForFolderA
SHFileOperationW
SHGetPathFromIDListA
ShellExecuteExA
ShellExecuteW
Shell_NotifyIconA
ole32
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
Sections
.text Size: 129KB - Virtual size: 128KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 137KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 141KB - Virtual size: 140KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ