43410b84ba93d7ac4fbeb9d70d505eea | Triage

Sharing

General

Target

43410b84ba93d7ac4fbeb9d70d505eea
Size

46KB
MD5

43410b84ba93d7ac4fbeb9d70d505eea
SHA1

c90885fb9841b123b179d48374939679c4a5a63f
SHA256

06357fa76bb511842f341dd694357199f3464693f5f43130d7522e541e6a3c4b
SHA512

a199114b3ebdeb674014779d418d98a94a38c2f1f856ff414b62302a6f6c6263348edcb3ee64556ec4b40d9872883df6c265bd9a680e3bb106c8121dbc8c63e7
SSDEEP

768:pjNLx06RHdo5J+0fMUDOmCI+H6fyWQ4Avr6xygRfIdV2BLBXVeQgHXYBtuB:pZZwf+0fFDOFIiUhAD6xygRfIKX8QoXd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
43410b84ba93d7ac4fbeb9d70d505eea

Files

43410b84ba93d7ac4fbeb9d70d505eea
.exe windows:5 windows x86 arch:x86

4cca5f84b4cdb9c552ced9e02a2a5e93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrW
wnsprintfA
PathFindFileNameW
PathFileExistsW
wvnsprintfA
PathMatchSpecW
StrCmpNIA
wvnsprintfW
PathRemoveFileSpecW
SHDeleteKeyA
wnsprintfW
PathCombineW
StrCmpNIW

advapi32

RegCloseKey
DuplicateTokenEx
RegDeleteValueA
CryptReleaseContext
CryptCreateHash
CryptGetHashParam
RegQueryValueExA

Sections

.fkvwj
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ovobsb
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zungh
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ