79d49f5ee6ead95c096d3c186169d47c | Triage

Sharing

General

Target

79d49f5ee6ead95c096d3c186169d47c
Size

16KB
MD5

79d49f5ee6ead95c096d3c186169d47c
SHA1

f75d5bf3f44ab7dbdb446944c7abed25aa5b6168
SHA256

7de8d603e644b057b082e7932689431d064ffefa0c3b2861edb76818c002e3d3
SHA512

f9780fb7973d0f95076bd9fd04b02cea3084e950c7e7c3f47af850a862aec0636a25a90879f54cc28f923688190c0e6ff64054774defbaa2c6b6b165290d5355
SSDEEP

24:eFGSpNtdz/EWITdPm1MpZ08GPWLvmkVcsiMriuSi9UbxwSaI8rD:iddblIRPmKpZ08GPWekyA/Fywbp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
79d49f5ee6ead95c096d3c186169d47c

Files

79d49f5ee6ead95c096d3c186169d47c
.exe windows:4 windows x86 arch:x86

934c17428640fbe95835f2b7cd185804

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep

advapi32

RegOpenKeyA
RegSetValueExA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 616B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE