7d33e90e61160ed541bd8b3fc6131b46

General

Target

7d33e90e61160ed541bd8b3fc6131b46
Size

104KB
MD5

7d33e90e61160ed541bd8b3fc6131b46
SHA1

5734adbdb6ae7ebd82f9ef081552f1c8ffb33f1c
SHA256

650e88200c2533409bb088cd8d9db6f9d47ff2797e13b7d7b7b8ff6c8ae47b24
SHA512

182dfecb7c9b04c53891db7b92135e5c2f0125855ba6fb699afc1879e3ddd0df3ad90f5f6bb20bea9398e0608573bd3827efa5678a09e9f0fb935e5f5c9dfda3
SSDEEP

3072:gz7lRyUzrWDnYN3zlSWHEQfSzzPRGwc5dGL3P1m:I7LQYN3pSvLcTGrc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d33e90e61160ed541bd8b3fc6131b46

Files

7d33e90e61160ed541bd8b3fc6131b46
.exe windows:5 windows x86 arch:x86

b318adeca8983660bd5e7556f344d941

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mshta.pdb

Imports

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
ExpandEnvironmentStringsA
GetStartupInfoA
GetCommandLineA
GetVersionExA
ExitProcess
GetModuleHandleA
WriteFile
GetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetLastError
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsFree
SetLastError
GetCurrentThreadId
TlsSetValue
TlsGetValue
TlsAlloc
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
LeaveCriticalSection
EnterCriticalSection
GetACP
GetOEMCP
GetCPInfo
InitializeCriticalSection
VirtualAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
VirtualQuery
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect
GetSystemInfo
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter

Sections

.text
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b318adeca8983660bd5e7556f344d941

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

advapi32

kernel32

Sections

.text Size: 21KB - Virtual size: 21KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 79KB - Virtual size: 80KB

.text
Size: 21KB - Virtual size: 21KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 79KB - Virtual size: 80KB