7d4d05b4ca271be00a4dbf107487249e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d4d05b4ca271be00a4dbf107487249e
Size

66KB
MD5

7d4d05b4ca271be00a4dbf107487249e
SHA1

1d1aa62cd9b6fd50ba935ff39ef93ca0294b440c
SHA256

e94a3f612303cb03c4202606ca364ba8d146cb8bfe812684971f09f7d0fa4ce4
SHA512

592d24effe470d303b448a67208666274d9df47635aa67cc9cd835a583b5499413e56b3ab248246601a72b20bf4e5ca6292f8584e3c820e861b07f0bf9497168
SSDEEP

1536:s51KDP9aCU10LgapKnuFR3szpeLi8nQl00x:wKJRjkapKce8LA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7d4d05b4ca271be00a4dbf107487249e

Files

7d4d05b4ca271be00a4dbf107487249e
.exe windows:4 windows x86 arch:x86

7631b7d2e4f2d23d3e370ffe315f5187

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MoveFileA
DeleteFileA
GetTempFileNameA
GetTempPathA
CreateProcessA
MoveFileExA
GetModuleFileNameA
GetSystemDirectoryA
GetFileAttributesExA
SetFileTime
CloseHandle
CreateFileA
GetTickCount
GetWindowsDirectoryA

msvcrt

memset
_strlwr
swprintf
strlen
fclose
fwrite
fopen
strncpy
fread
strcat
strcpy
sprintf
_stricmp
strrchr
rand
srand
_snprintf

setupapi

SetupIterateCabinetA

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 16B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ