672157665a052a76d885a6aa04905235 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

672157665a052a76d885a6aa04905235
Size

418KB
MD5

672157665a052a76d885a6aa04905235
SHA1

fd29bc79928ddc7b7a176b8e6af8b32c0ecc9a51
SHA256

056e3fecbf6d4105d326912cb1543a32fb644b757d7f75d6fe832e2e025e89e9
SHA512

8f91f8ebbd65c440905f2d0317c463a416d865b6dbfca7be4d5223116ab9d0b0838acfe9542762acd201f880ba1d200c907d0a20f077f564b178806cf931b49e
SSDEEP

6144:gwsV3GwAp4viBSzBYy2luwBEuT9lGNbb8kvgjhd60sdQ/j4LN/pyTJzqdOdt/d:gXV3H9vVBlqL1WdYjhnsd4j4TCzZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
672157665a052a76d885a6aa04905235

Files

672157665a052a76d885a6aa04905235
.exe windows:5 windows x86 arch:x86

1e5d33070fcdbae8f49340ec34a761fb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
WriteFile
CloseHandle
CreateFileW
GetFileAttributesW
GetTempPathW
ExitProcess
ReadFile
SetFilePointer
GetModuleFileNameW
GetTickCount
HeapAlloc
GetProcessHeap
HeapFree

Sections

.text
Size: 1024B - Virtual size: 798B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 406B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE