73088d203f24f07cb713b32b3f9e1bfc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73088d203f24f07cb713b32b3f9e1bfc
Size

54KB
MD5

73088d203f24f07cb713b32b3f9e1bfc
SHA1

f4fb907a333839420a14aeb0ee7aaf1b9c6f882b
SHA256

0ab8c29aa160c047c48b8fa2796a908d5cf59657ff1790cdba4da5c43aa3b623
SHA512

dfef8cb5f999e0c104e3ec839cb24cbaa7cdca29cad8bdd39855a3af678cdfcc686414d2099d9d7b07f8894a4b9d12f71f6863575112c6453c953b119c71826a
SSDEEP

768:gIijy5TX/MKQkAS3oS6SEnBQ9+NMRD8+TgtS7cYcoRwhimSRyy1C5aCjDQtPywr8:gIim57/SkAS3qLkFRw+MvIlkaCQQwr8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73088d203f24f07cb713b32b3f9e1bfc

Files

73088d203f24f07cb713b32b3f9e1bfc
.exe windows:5 windows x86 arch:x86

b7f6c9050c7f7dd7d73214930564fd0a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

advapi32

CryptAcquireContextW
CryptDestroyHash
CryptHashData
GetUserNameW
RegCreateKeyExA
RegEnumKeyExA

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIW
StrStrW
wnsprintfA
wnsprintfW

user32

FindWindowExA
GetForegroundWindow
GetMenuItemID
GetMessageA
MsgWaitForMultipleObjects
PeekMessageA

Sections

.snql
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grwn
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ylsdsv
Size: 5KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ