71d08eef5be180ad96ee0d3c83a959ba | Triage

Sharing

General

Target

71d08eef5be180ad96ee0d3c83a959ba
Size

18KB
MD5

71d08eef5be180ad96ee0d3c83a959ba
SHA1

278ec96f6b2868cca098cdc0cab5a2f12a9b358e
SHA256

e1ac799c10d7b905800a9e56d23b4a8e5e0b9da6ca743615a09b487b27fd0e69
SHA512

9a03f9df0da91319304a5fe80f01c86285a333011f335a66a6f05772030e816d2c3a08f20ce2d8b4e427448e8552d7fc8130f5d1a753af25cfe953e2bc940420
SSDEEP

192:MbTprfeupFdcROseNPW7UEHse4tn6Y/qETZ3K18KMFK07lVJTa0qtHWx:QjefRoW7UBFH/qEN3s8NlVla0zx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71d08eef5be180ad96ee0d3c83a959ba

Files

71d08eef5be180ad96ee0d3c83a959ba
.exe windows:4 windows x86 arch:x86

cf5421dd095f4db14072e229ff0f5d02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetStdHandle
LoadLibraryExA
InterlockedExchange
HeapCreate
GetTimeFormatA
VirtualProtect
GetProcessVersion
GetProcessHeap
GetEnvironmentStringsA
GlobalMemoryStatus
HeapQueryInformation
GetModuleHandleA
IsDebuggerPresent
HeapDestroy
WaitForSingleObject
GetCurrentThread
GetLogicalDrives
GetCurrentProcessId
CreateIoCompletionPort
GetTapeStatus

user32

GetTitleBarInfo
GetWindow
ReleaseDC
DrawTextA
SetForegroundWindow
GetFocus
wsprintfA
GetWindowTextLengthA
BeginPaint
EndPaint
DragDetect
GetParent
FrameRect
GetClassNameA
SetActiveWindow
GetCursorPos
ShowWindow
FillRect
GetDlgItem

advapi32

RegCloseKey
RegEnumKeyA
RegCreateKeyA
RegSetValueExA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ