668263255745b921707c279268f2b839 | Triage

Sharing

General

Target

668263255745b921707c279268f2b839
Size

46KB
MD5

668263255745b921707c279268f2b839
SHA1

6e66180c108fa392dcf0b24cba8d63be8e4b4874
SHA256

d4d846d32e9be1e84bc4c0c32804514abe984c989bd7593358e64486cf3cba90
SHA512

6a1ef42597e21c6a8eac69cfb58e43838f72c34ac669d4f6cf2f847a87a10c5fe7b90a8ad6630f6f0960a8d2105fca0d4bb681153e68890ad0e3c2da65b19e6a
SSDEEP

768:/4WkGmU3yqSznlfdD5shEkSwVprXWn/yfXBP6CEGRdW7hA9gcrBCe9v6+VzT:TkGmeSJdD50EtmrXqc09A9rCGvLVzT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
668263255745b921707c279268f2b839

Files

668263255745b921707c279268f2b839
.exe windows:5 windows x86 arch:x86

74e03eb355b155576535c9d434ac4601

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
CryptCreateHash
DuplicateTokenEx
RegDeleteValueA
RegCloseKey
CryptReleaseContext
CryptGetHashParam

shlwapi

PathFileExistsW
PathMatchSpecW
StrCmpNIA
wvnsprintfW
SHDeleteKeyA
StrCmpNIW
PathFindFileNameW
wvnsprintfA
wnsprintfW
PathCombineW
wnsprintfA
PathRemoveFileSpecW
StrStrW

Sections

.lgnct
Size: 36KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.slip
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xkb
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ