7a6105b7892ef5e936bcf5cdd1ef4574 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a6105b7892ef5e936bcf5cdd1ef4574
Size

160KB
MD5

7a6105b7892ef5e936bcf5cdd1ef4574
SHA1

94ac84f5699e4034d57fd8150a5a646b14a4525d
SHA256

12d23d8cd91a7cb75eb8c321fa1e15738cf85a7e3799567cd0f62af7400740a5
SHA512

203d13fab0cd8e2a09f7bc1a5a572f39e896c416c34155b54270c1ec84158e9003800125ee5f7ed4204d2b1f806d252900007f4bc8b7aeb0ee0816fafca380c2
SSDEEP

3072:m5joUOlAcjslUBHwa+DXLGvuDJWh6hh4wIcOYTyMjsXWIJNkpmJCdtFapU:k05lAcvlw7jMuNWwr3Ty2sbIaCdtFai

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a6105b7892ef5e936bcf5cdd1ef4574

Files

7a6105b7892ef5e936bcf5cdd1ef4574
.exe windows:4 windows x86 arch:x86

51cc948582127107e0599dc3f1107bf0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LCMapStringA
ExitProcess
LoadLibraryA
CloseHandle
CreateFileA
GetCurrentProcess

user32

CharLowerBuffA
SetWindowLongA
CloseWindow
CreateWindowExA
wsprintfA

advapi32

RegCloseKey
RegEnumValueA
RegCreateKeyA
RegQueryValueA
RegOpenKeyA
RegDeleteValueA
RegSetValueA
RegEnumKeyA
RegDeleteKeyA

Sections

.text
Size: 142KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ