Static task
static1
Behavioral task
behavioral1
Sample
110a9c4f2af043935636c91d2aa66b20.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
110a9c4f2af043935636c91d2aa66b20.exe
Resource
win10v2004-20231222-en
General
-
Target
110a9c4f2af043935636c91d2aa66b20.exe
-
Size
73KB
-
MD5
110a9c4f2af043935636c91d2aa66b20
-
SHA1
4f766a911dd219894486398f6eb119267e265aa6
-
SHA256
9a8aa18ddf0eca9d646dfdc5e7c98fbf5fba42a1de635be4391716f13f287453
-
SHA512
63767783ab0b95d930135bda52b5b5251f5d7296948ed672f7302925609594bab7fe2b3a605e912e92302524b4b28cb97342dc8f94a38e56af07b3fa889066b5
-
SSDEEP
1536:zmP1YSx8H6xxP5hMZv+NffPM00UhUhMRogR9ciEL7Ei:zmPSgdxvoOfXVhUaqgRur7l
Malware Config
Signatures
-
Unsigned PE 1 IoCs
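Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate binaries are also unsigned; weigh it together with the import table and section flags listed under Files.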
resource 110a9c4f2af043935636c91d2aa66b20.exe
Files
-
110a9c4f2af043935636c91d2aa66b20.exe.exe windows:4 windows x86 arch:x86
894a16c213964a1cd9af93a88f7c8358
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect
user32
FindWindowA
advapi32
RegCloseKey
shell32
ShellExecuteA
ws2_32
setsockopt
wininet
InternetOpenA
netapi32
NetShareDel
Sections
.text Size: 53KB - Virtual size: 97KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 15KB - Virtual size: 471KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sxdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.GurL Size: 927B - Virtual size: 4KB
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE