774b45efb3552924c05dd38293a0052f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

774b45efb3552924c05dd38293a0052f
Size

17KB
MD5

774b45efb3552924c05dd38293a0052f
SHA1

810b1c5ce0f9279d64bc7c57ccaeda8c4ce1a8a0
SHA256

9674d5157704e3281ce937fc15af5e0e50f8faf98d79a1f08bf1b27881f451e0
SHA512

d44299fca822bcf6d2eebe86b6eadb2c6b913dd5fc7d50ea5e387ccba5489f99a9d089401bc3a396d158abdc96475e4b0d5022dc10e3047af1b330060baf964a
SSDEEP

96:JZeiaKLfSNheysl+shVJ6HbvwZM0KokTYKaMM3tsrhis8piv6wwRo:JZeivL0ETUHUZ43AMGWrjsiv6wwRo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
774b45efb3552924c05dd38293a0052f

Files

774b45efb3552924c05dd38293a0052f
.exe windows:4 windows x86 arch:x86

f0925be1ef1ff0103fef864bfc9674fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenProcess
CreateToolhelp32Snapshot
Process32First
GetModuleFileNameA
LoadLibraryA
FreeLibrary
DeleteFileA
GetCurrentProcess
GetModuleHandleW
CloseHandle
GetProcAddress
CompareStringA
Process32Next
lstrcpyA
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
HeapAlloc
GetProcessHeap
GetShortPathNameA
GetEnvironmentVariableA
SetProcessPriorityBoost
SetThreadPriority
GetCurrentThread
SetPriorityClass
lstrcatA
TerminateProcess

user32

MessageBoxA
ExitWindowsEx
wsprintfA
IsWindowEnabled
AnyPopup

advapi32

RegEnumKeyA
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA

shell32

ShellExecuteExA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE