66acca47ef30b540bb91b55ef9cd3cb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66acca47ef30b540bb91b55ef9cd3cb6
Size

17KB
MD5

66acca47ef30b540bb91b55ef9cd3cb6
SHA1

a0046b84cae09ad83d70fb9ce1d30393043eb419
SHA256

e860b540d16f1d8caa9927e1d6d3df529e9155cb74fcc30bff2ad22608612368
SHA512

8ee449e8df99d337dc971714eefd794a51df5a1b6613a16da220dd3971d0dbbb26f5f0666cdc4cb9f418bcaab5b1fc587d84273701d7ea3de7d15081519306d3
SSDEEP

192:ez2T/15eXZd5fZGRLbv88xyWhrqCsb0Ms9voReyYquVknZOyPkBywE0qvkvvYQi1:ea/+shOmqR3shUYDQHPmEc3fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66acca47ef30b540bb91b55ef9cd3cb6

Files

66acca47ef30b540bb91b55ef9cd3cb6
.exe windows:5 windows x86 arch:x86

05e4dbb2b0debd3a4738192acbed6a47

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetEnvironmentVariableA
CreateFileA
GetProcessHeap
ExitProcess
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent

advapi32

RegOpenKeyExA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aata
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ