73db384551a94a8843a77e729b06fe20 | Triage

Sharing

General

Target

73db384551a94a8843a77e729b06fe20
Size

65KB
MD5

73db384551a94a8843a77e729b06fe20
SHA1

9ebbfffaf5db7f6d3211594029458981d7b258a6
SHA256

8b4e8a497f05f40c6c9ace223fee5e84883dd2a00ec4a6703d2201e6e3604e2f
SHA512

1cc8d28f6c29c2a9afceff9883f4c5e5ab53853689c63eb9a95a92cd80f444e47153ad6455952f581625c8477d6b933141e749151acae366b221ae02a822148c
SSDEEP

768:5loK+uJzmK9+jqAuVEMqq1RnvCKlMHK2kF4kU8/Vvpm3xxTB3lobeEm9U:5eKrdmc+VMq1KlMHKvUL3xxfobe9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73db384551a94a8843a77e729b06fe20

Files

73db384551a94a8843a77e729b06fe20
.exe windows:5 windows x86 arch:x86

0e73ec669a8245790d02f257deaa91e9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

IsValidSid
LookupPrivilegeDisplayNameW
LookupAccountSidW
GetSidSubAuthority
GetSidSubAuthorityCount
GetSidIdentifierAuthority
LookupPrivilegeNameW
CopySid
GetLengthSid
GetTokenInformation
OpenProcessToken

kernel32

FormatMessageW
LoadLibraryExW
GetLastError
CloseHandle
GetCurrentProcess
GetVersion
ExitProcess
TerminateProcess
HeapFree
HeapReAlloc
HeapAlloc
MultiByteToWideChar
RtlUnwind
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WideCharToMultiByte
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetModuleFileNameA
VirtualAlloc
GetProcAddress
LoadLibraryA
LCMapStringA
LCMapStringW
FlushFileBuffers
SetFilePointer
GetStringTypeA
GetStringTypeW
SetStdHandle

Sections

.text
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ