8024a116acf1cc7d48078f3cfba77ed7 | Triage

Sharing

General

Target

8024a116acf1cc7d48078f3cfba77ed7
Size

200KB
MD5

8024a116acf1cc7d48078f3cfba77ed7
SHA1

6cdd44546131a95b07a0453adcfc8d384a0b423c
SHA256

e5894a36158d2c94791d646b9d518d1941088902da72fdbbe1aa50cfd55b8509
SHA512

dc1fc52b98495d5d4af1251d2b2dbd439d3c9b26c5acd60e907efdf59ede90bef0f3fb99a503ff7089b404814918154f8589dca38d9072d0afb00287bad4410f
SSDEEP

3072:98DJZ1xzQVaPEoytiXySiORdVY9LF/TaQpcf0aL1x:98NX2aPy/Op61Wt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8024a116acf1cc7d48078f3cfba77ed7

Files

8024a116acf1cc7d48078f3cfba77ed7
.exe windows:4 windows x86 arch:x86

1db365393b7c724ac6fbc34ba4043275

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringA
LocalAlloc
GlobalAlloc
GlobalFree
lstrlenA
LocalFree

user32

wsprintfA

advapi32

RegDeleteValueA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA

Sections

.text
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 443B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 478B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE