42884a0b1a737ec7280eab1795984363 | Triage

Sharing

General

Target

42884a0b1a737ec7280eab1795984363
Size

3KB
MD5

42884a0b1a737ec7280eab1795984363
SHA1

d4c72e4e59ba7c4c9a10c58266765fa62a858bd7
SHA256

4a3838d221150c1f6e65b2813a61f0e2edd9cb488743d246195d861c7acc639f
SHA512

50879fd3b9d90ae506c39f850cdcd12a5b74b9b8ca82749c5b5e1416ad23140b120da55a1751f0a05ce589d81867044388323f4906c4f29602f06f01486d213a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42884a0b1a737ec7280eab1795984363

Files

42884a0b1a737ec7280eab1795984363
.exe windows:4 windows x86 arch:x86

66eead2284397e54cbb8a67f84fe024a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WinExec
DeleteFileA
lstrcpyA
lstrcatA
GetSystemDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
ReadProcessMemory
GetThreadContext
CreateProcessA
TerminateProcess
ResumeThread
SetThreadContext
WriteProcessMemory
VirtualAllocEx
GetModuleHandleA
lstrcmpiA
GetModuleFileNameA
ExitProcess
GetCurrentProcess

user32

MessageBoxA

urlmon

URLDownloadToFileA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE