532be90ed4090faf9376d0902f7e2659 | Triage

Sharing

General

Target

532be90ed4090faf9376d0902f7e2659
Size

45KB
MD5

532be90ed4090faf9376d0902f7e2659
SHA1

6ddcaa55df79e800c9608a37a9dd0ca2ff9f8cfb
SHA256

8e80a1d7c1629d0eb5f6aaeb70a72a2a856eb9e39b713548ffd1de256bfaba18
SHA512

d9870e3929b44388341ed04af417c435f86e3c25220710067431315af219c444ea36040a94f1db3e4a2178fa22e8c0c0007c64f8e30d9e9ce058599d36766bc4
SSDEEP

768:jJFi6TjB9C48WN5UBCtFhOPkKNqmc7SvRF2Te03YYMd+hbCjKqp3W9v:66X/X3NJtfsk/mcSkYVIGjKq5wv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
532be90ed4090faf9376d0902f7e2659

Files

532be90ed4090faf9376d0902f7e2659
.exe windows:5 windows x86 arch:x86

d3665ab9b0c881dd761e8b0edc159ce3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegCloseKey
CryptReleaseContext
CryptCreateHash
RegQueryValueExA
RegDeleteValueA
CryptGetHashParam
DuplicateTokenEx

shlwapi

PathMatchSpecW
SHDeleteKeyA
StrStrW
wvnsprintfW
StrCmpNIW
wnsprintfW
PathFindFileNameW
wnsprintfA
PathFileExistsW
wvnsprintfA
PathRemoveFileSpecW
PathCombineW
StrCmpNIA

Sections

.hqjed
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wfmjgr
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rgv
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ