571dd3fba036334f634eccee0e978319 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

571dd3fba036334f634eccee0e978319
Size

23KB
MD5

571dd3fba036334f634eccee0e978319
SHA1

69ce287deb6b9664687a05c9eaf8e93977a6a9cf
SHA256

7bf993b2fc3e0c3dc6cd6ac1d4aeb62ae4a490df52ce43ad9e54445d5080fcdf
SHA512

779d6fb93821dc78f838554afb2241fe36b66cd326155aeb256df4b95642fe2228b4f442d76c7a72eeeef687d515b38bce38c824fd646c15840ebb02fea93d09
SSDEEP

384:XehzyaQd7YhRtEoZ4saE9grkV7Avae3c8FwE+WF7o6WJhYavcxXQdzcfgMseNETN:l7YhRtVZva0ucTE+co62/vOXuco0E3iQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
571dd3fba036334f634eccee0e978319

Files

571dd3fba036334f634eccee0e978319
.exe windows:1 windows x86 arch:x86

f91d7fabdfde39ef56e7e47f0981e1e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CopyFileA
CreateFileA
CreateMutexA
DeleteFileA
ExitProcess
ExpandEnvironmentStringsA
GetFileSize
GetFileTime
GetFullPathNameA
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GlobalAlloc
GlobalFree
MoveFileA
MoveFileExA
MultiByteToWideChar
ReadFile
SetCurrentDirectoryA
SetFilePointer
SetFileTime
Sleep
VirtualAlloc
WinExec
WriteFile
lstrcpyA

user32

PeekMessageA
wsprintfA

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyA
RegQueryValueExA
RegSetValueExA

shell32

StrStrIA

imagehlp

CheckSumMappedFile
ImageLoad
ImageUnload

iphlpapi

GetAdaptersInfo

ntdll

ZwQuerySystemInformation

sfc

ord5

Sections

.flat
Size: 9KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vmp0
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 276B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ