476619d65181ad611ced91b7db59cfa1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

476619d65181ad611ced91b7db59cfa1
Size

127KB
MD5

476619d65181ad611ced91b7db59cfa1
SHA1

07252447f21ef16c92ba96afbd52e561ba1a21cf
SHA256

193d4c18bea7321c1f4e91e67bc33c61094ba94e8d243fcac554e3d275e4e4cd
SHA512

97c2bd1b944e6904578f9d03257fa705af0263f735eb2efaa07c9cb5df522dfc2facb136beff46859ba3093d86e5f0387882df0e50b0a59cf7eadb1c19077c17
SSDEEP

3072:9p/1vTOGSzkf7udIUOib0boszIrI/AesLMcPZXuG:9pxVf7udiirszALxF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
476619d65181ad611ced91b7db59cfa1

Files

476619d65181ad611ced91b7db59cfa1
.exe windows:4 windows x86 arch:x86

2ce6ac66dda3fe0f8286833124fc1b03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetSpecialFolderPathW
ShellExecuteExW

kernel32

DisableThreadLibraryCalls
FindFirstFileW
DeleteFileW
UnlockFile
IsDBCSLeadByteEx
GetDriveTypeW
SetFileTime
SetFilePointer
GlobalReAlloc
LoadResource
GetFileTime
CloseHandle
GlobalDeleteAtom
GetLocalTime
FindResourceW
GetShortPathNameW
EnumResourceNamesW
IsDBCSLeadByte
MoveFileW
GetACP
WriteFile
SetErrorMode
LockFile
GlobalSize
FindNextFileW
SearchPathW
GetVolumeInformationW
SetCurrentDirectoryW
GetCurrentDirectoryW
ExitProcess
SetFileAttributesW
ReadFile
SetEnvironmentVariableW
GlobalFree
FindClose
GetFileSize
GlobalUnlock

ole32

CoFileTimeNow
CoCreateInstance
CoUninitialize
StgOpenStorage
CoInitialize

oleacc

LresultFromObject

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ