462ef0d81caf036fae139f91eb6a5fbf | Triage

Sharing

General

Target

462ef0d81caf036fae139f91eb6a5fbf
Size

38KB
MD5

462ef0d81caf036fae139f91eb6a5fbf
SHA1

379771440c34d3bac26725f831c69f4393df79da
SHA256

5158f8cbafa9ea4901a85f9bf0c60f62c1cee72a897d7c664acb63f3670ca926
SHA512

184b82c14e76c14eb6292a3495f6fa90587e1f3b36c3fee5bee80f628ae20c6ca56040d4cc8e46d77cec0791ca49021e12218b503e1179fe19d2e3b4010b6699
SSDEEP

768:f5O2maURCF5EJhMeB8M6M7xMI+oZfT5cGCz2M4jcwhwJWAEk:f5jUiMBMI+oZfT5cpz+jcwhhAE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
462ef0d81caf036fae139f91eb6a5fbf

Files

462ef0d81caf036fae139f91eb6a5fbf
.exe windows:4 windows x86 arch:x86

1d43cd5e399f31c49a6f934c29809b5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

oleaut32

SysFreeString

advapi32

RegQueryValueExA

user32

GetKeyboardType

Sections

.text
Size: 30KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE