411cf25ebbdcda02179d0d569b77952d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

411cf25ebbdcda02179d0d569b77952d
Size

127KB
MD5

411cf25ebbdcda02179d0d569b77952d
SHA1

4d41391a477d6dc01bd82d938c56e33169132ece
SHA256

b0741f09260aae1e450b0a6c5beefa69f96b4497f800821442d44b5a2ee054f1
SHA512

ac2b2ca52b827f16f5735c53c8fcfdbd41d8c154dc17a51a4572ca97ac703cd236188dff1e6e323b232d932b34418baf582d9fe3e37b43c3df55873a29bc32ed
SSDEEP

1536:ja7zs9jA09OrYX6Cv6eIrOvDallUdOpr2pEWJg+dHsa3eMScpYc717zsD5Z5Pjs6:QzR09XX6p2pE1i3HSdcpfgbj3/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
411cf25ebbdcda02179d0d569b77952d

Files

411cf25ebbdcda02179d0d569b77952d
.exe .js windows:4 windows x86 arch:x86 polyglot

8a4c440e074767933d15cb6e8d6d6490

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA
PathRemoveExtensionA
SHDeleteValueA
StrStrIA

kernel32

ExitProcess
CreateFileA
lstrlenA
SetErrorMode
WaitForSingleObject
WriteFile
GlobalAlloc
Sleep
GetSystemDirectoryA
lstrcatA
MultiByteToWideChar
FindFirstFileA
lstrcmpiA
CopyFileA
SetFileAttributesA
GlobalFree
FindClose
GetModuleFileNameA
FindNextFileA
GetModuleHandleA
CreateMutexA
WinExec
CloseHandle
CreateThread
lstrcpyA

user32

CreateWindowExA
DefWindowProcA
DispatchMessageA
GetMessageA
SetTimer
RegisterClassExA
KillTimer
LoadIconA
TranslateMessage
wsprintfA
MessageBoxA

advapi32

RegOpenKeyExA
RegEnumValueA
RegCloseKey
RegEnumKeyExA

shell32

Shell_NotifyIconA
ShellExecuteA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

VariantClear
SysAllocString

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ