371a80d9e90a7e208063942549809e06[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

371a80d9e90a7e208063942549809e06.exe
Size

6KB
MD5

371a80d9e90a7e208063942549809e06
SHA1

0c1706e72d4a41846562571cd956519c21159617
SHA256

21e0c6085d4dd18833035961b9a2bba91599a4beaf1bb321147527bdef6363de
SHA512

bcfaa097d9431f6ad2180e875779d7c48510a94acc5530c8c6e602b94f98af3d9b21e4f4a5120104317fce39a8e01cdd5f30af6f9679e9916257ffa3b00f6a70
SSDEEP

192:wwXM+9yjdRDrxqPlgvzgvNVINd/QALLi0BCQ9iA/:7BIjdRKcGeBNLLBVn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
371a80d9e90a7e208063942549809e06.exe

Files

371a80d9e90a7e208063942549809e06.exe
.exe windows:4 windows x86 arch:x86

ecbb8bc4f70449d38d0847a79874d36e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CopyFileExA
CreateFileA
CreateRemoteThread
ExitProcess
GetCPInfoExW
GetDiskFreeSpaceExW
GetLogicalDriveStringsW
GetProcessHeaps
GetProfileIntW
GetTimeZoneInformation
QueryDosDeviceA
lstrcpynA

advapi32

AddAccessAllowedAce
CryptVerifySignatureW
GetAuditedPermissionsFromAclA
NotifyChangeEventLog
OpenSCManagerA
QueryServiceLockStatusA

gdi32

GdiFlush
GetCurrentPositionEx
GetEnhMetaFileBits
SelectClipPath
StrokePath

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE