7948d66a6707bd7d79fa5d72fc2b7c0b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7948d66a6707bd7d79fa5d72fc2b7c0b
Size

212KB
MD5

7948d66a6707bd7d79fa5d72fc2b7c0b
SHA1

465f1d2506c6050b752bb5bc14deeb0a4a6319f2
SHA256

1c81139c068061c9c67d85a9541969a6d33ccf5b338a20ccab161e3089d21aa6
SHA512

6250664969e7500a93d918aeae35da001baedfa27b99f20d0321d616fb3da3d613beb505a6b44fcebf1b5ac1ed956f794f29bfb2b228c3dd514f2661f7370c50
SSDEEP

1536:+k4ePL6ls9bQ//4a0BIJdA/7ucLd5JRB1dzadakC8zOdVzbxBevcyMOFal/6+o6Q:JpLe/d0GL/cpDhdOK8ziEcyJF+/6viU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7948d66a6707bd7d79fa5d72fc2b7c0b

Files

7948d66a6707bd7d79fa5d72fc2b7c0b
.exe windows:4 windows x86 arch:x86

0fb550c1ef9221de0a6d52c33066ac56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteConsoleA
GetSystemWindowsDirectoryA
FlushFileBuffers
GetDefaultCommConfigA
WriteProfileStringA
SetThreadUILanguage
GetLogicalDriveStringsA
OpenEventA
GetMailslotInfo
GetTickCount
FindFirstFileA
WriteFile
VirtualAllocEx
DebugBreak
GetCurrentProcess
GetStdHandle
CreateEventA
GetLongPathNameA
SetFileAttributesA
_hwrite
GetConsoleWindow
GetAtomNameA
ReplaceFileA
SetCommConfig
GetConsoleWindow
ReadConsoleA
SetFilePointer

wininet

InternetCrackUrlA
InternetQueryDataAvailable
InternetUnlockRequestFile
FtpSetCurrentDirectoryW
ResumeSuspendedDownload
DetectAutoProxyUrl
InternetGetConnectedStateExA

Exports

Exports

Lskhipk
Ykmvskpuf

Sections

.rtext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 200KB - Virtual size: 481KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ