73a702d265cf9d3c869fb04e0dd11b43 | Triage

Sharing

General

Target

73a702d265cf9d3c869fb04e0dd11b43
Size

174KB
MD5

73a702d265cf9d3c869fb04e0dd11b43
SHA1

35630b55514ca4b67c2c732d0c28348005fbe11f
SHA256

711d376beed56a9446bb6f0ba7bb07339a93d092c7899dd856e3e2063e711efb
SHA512

7d690c5ada744e64409ccaa28f30279e017ace1d9d6e6911858ce7e54e4f15e391759cd0dc39dcfd696a631ec99ffa7a177c6990417c3872d98685f55bffce9b
SSDEEP

3072:nV4rgHFA5iaA3DCTh1pwaVZgedMOSju2l7ngbIgl7t1txeA+X6ZGdpBSr03:Vog/r3WpwaDRWXju2Zg/l7Tt4Ak6Zw0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73a702d265cf9d3c869fb04e0dd11b43

Files

73a702d265cf9d3c869fb04e0dd11b43
.exe windows:4 windows x86 arch:x86

5fa9346da2f18a33569bdbe36e144a4d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WideCharToMultiByte
GetCurrentThreadId
QueryPerformanceCounter
GetAtomNameW
lstrlenW
Sleep
SetUnhandledExceptionFilter
GetACP
GetSystemTimeAsFileTime
UnhandledExceptionFilter
MultiByteToWideChar
GetTickCount
lstrlenA
GetModuleHandleW
TerminateProcess
RaiseException
EnumResourceNamesA
InterlockedCompareExchange
TzSpecificLocalTimeToSystemTime
GetEnvironmentVariableW
IsDebuggerPresent
GetLocaleInfoW
GetStartupInfoW
InterlockedExchange
LocalAlloc
GetCurrentProcessId
GetCurrentProcess
CreateProcessW
GetThreadLocale

advapi32

RegSetValueExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA

winmm

mciSendCommandA
sndPlaySoundA

oleacc

LresultFromObject
CreateStdAccessibleObject

setupapi

InstallCatalog
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

Sections

.text
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ