71624b2c6ec3c7b7b75eb6421a7ffc88 | Triage

Sharing

General

Target

71624b2c6ec3c7b7b75eb6421a7ffc88
Size

21KB
MD5

71624b2c6ec3c7b7b75eb6421a7ffc88
SHA1

95807e188f8139e5bffdf0de72fee247e55925f9
SHA256

78599932de335c505869d13e9c3d560870c56428d882dca91b184313052edd9f
SHA512

cc6c0f39b7bc3678ffed49a4f661917d14228ac0e2fca9a81c242ab8267d6e04c0cff7867aa8d39f7cc36d20d4b26d5122f85afb8fbcd3cf7a5c1676c340b2c9
SSDEEP

384:kiLDLGXrKzpllHiFEh801dvGp/Sn7YC1n+oI1FnulQycoHWNKT:PLp1PiF3p47xnrl8RIT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71624b2c6ec3c7b7b75eb6421a7ffc88

Files

71624b2c6ec3c7b7b75eb6421a7ffc88
.exe windows:4 windows x86 arch:x86

ec79fd8b244642a3a7ab96fe5c1fa410

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
GetFileTime
CopyFileA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
ExitProcess
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetModuleHandleA
GetProcessHeap
ResumeThread
GetPriorityClass
OpenProcess
VirtualAlloc
VirtualFree
GetCurrentProcessId
SetLastError
CreateRemoteThread
GetProcAddress
FreeLibrary
GetVersionExA
GlobalMemoryStatus
CloseHandle

user32

CharLowerA

advapi32.dll.

OpenProcessToken
LookupPrivilegeValueA
RegQueryValueExA
RegOpenKeyExA
AdjustTokenPrivileges

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ