8073fb61fea822d453964aba7ac4d8f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8073fb61fea822d453964aba7ac4d8f3
Size

28KB
MD5

8073fb61fea822d453964aba7ac4d8f3
SHA1

92c7e121586acf0484032e33e14f6a81d16d9aed
SHA256

e4a45df9c479affbfb2c95cf93483ae2981b0302fc79b0f074dbb154adf56930
SHA512

05d646ff74578c3a5905bd15b6b58a162cbc1d37a64ccf4dbb089ddf129892f926f17308b2fdd81238012a8d1af083b90172aba67dfba28a5553d8b08735c07b
SSDEEP

384:IHssVWWWc6UWe1DLUYkAbEWpdU7Kp1WfKiojP/H2RFE5MXFPOMjULCbQKuN+0:Ek01D3vp1qUjP/H2RFLPxU+btcR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8073fb61fea822d453964aba7ac4d8f3

Files

8073fb61fea822d453964aba7ac4d8f3
.exe windows:5 windows x86 arch:x86

5d260a2f142b175a2c50b5d2b1b7df4d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegSetValueExW

kernel32

ExitProcess
GetLastError
FreeLibrary
GetCommandLineW
GetProcAddress
LoadLibraryW
WritePrivateProfileStringW
ExpandEnvironmentStringsW

user32

wsprintfW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE