408abe7281d52dbbb12ef79b6f59447d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

408abe7281d52dbbb12ef79b6f59447d
Size

276KB
MD5

408abe7281d52dbbb12ef79b6f59447d
SHA1

8cbe4cd89376ad2abdd9b99d00d5de4b0b8424da
SHA256

20c0c3e9a61d36f5c90dc2f4194452ca1eed9eb6ac7a37f0958fbc1ce894e5ab
SHA512

476f6786aff7a64cc7bbd1b2a6b841b88c6f1429a30705d920bdbb537f6cfdb6440da212ea9bd8a0673007d689e77c01184605af903c7fab2a3e5eb9e273fd74
SSDEEP

6144:uE9M2LnjowOZzoPtXPLL9bzJr8WS7Od8FLOYUudAL2EnzvMef:uE9NnjuYtXP/9b9rbS7E8yOYzvMef

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
408abe7281d52dbbb12ef79b6f59447d

Files

408abe7281d52dbbb12ef79b6f59447d
.exe windows:4 windows x86 arch:x86

73f73bd6302ec7a532742127ab6331f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
GetCurrentProcess
CreateFileA
CloseHandle
LCMapStringA
LoadLibraryA
ExitProcess

user32

SetWindowLongA
CreateWindowExA
wsprintfA
CloseWindow
CharLowerBuffA

advapi32

RegDeleteValueA
RegQueryValueA
RegCloseKey
RegOpenKeyA
RegCreateKeyA
RegSetValueA
RegEnumValueA
RegEnumKeyA
RegDeleteKeyA

Sections

.text
Size: 190KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ