Static task
static1
Behavioral task
behavioral1
Sample
8e515493a1e365fdba8e7b6f4ddccf54.exe
Resource
win7-20231215-en
General
-
Target
8e515493a1e365fdba8e7b6f4ddccf54
-
Size
48KB
-
MD5
8e515493a1e365fdba8e7b6f4ddccf54
-
SHA1
3f5e41edeaaba8563e0e958eb1704b065d6b40f5
-
SHA256
892aa40c8ebba658c8aa0d00ec7547c1d0dc0d8e56c7f4d075a8cd95e8666885
-
SHA512
518cf1853fc48a5ab450b958e10124f534e2fda2b06cf5bea59982459c78e5c86354e2312ae69dd14e4bf12bd77b37f23d25f164b4a214b47043ba3480601d73
-
SSDEEP
384:/ggsb1ofjqDWlCbZXUu4XkdO5eja4uC5627n8VzR0P6Ij:QxobqHXUu4XkdEH4ug6A8Vz+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
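Checks for missing Authenticode signature. A missing signature is a weak indicator on its own, since many legitimate executables are also unsigned; weigh it together with the other findings in this report.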
resource 8e515493a1e365fdba8e7b6f4ddccf54
Files
-
8e515493a1e365fdba8e7b6f4ddccf54.exe windows:4 windows x86 arch:x86
f1def05e591478018b521c49d389108f
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
RegCloseKey
RegCreateKeyExA
RegSetValueExA
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
fopen
fseek
fread
fclose
sprintf
kernel32
GetStartupInfoA
GetModuleHandleA
GetShortPathNameA
GetEnvironmentVariableA
lstrcpyA
lstrcatA
GetCurrentProcess
SetPriorityClass
GetCurrentThread
SetThreadPriority
CreateProcessA
ResumeThread
GetModuleFileNameA
GetSystemDirectoryA
lstrlenA
FindFirstFileA
CreateFileA
WriteFile
SetFileTime
CloseHandle
Sections
.text Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 32KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ