966c821375bb297fb161b30e36659a0d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

966c821375bb297fb161b30e36659a0d
Size

52KB
MD5

966c821375bb297fb161b30e36659a0d
SHA1

636cb17cc2130b508a477b5a96937a608e87041d
SHA256

2993103a6997333af6b6430111922e49ec908fea6967013b0c70a58765da6c31
SHA512

16434416c7d3c0a386deb8a7049e4914693da03d0b9933a61c4bb1d44fb0e63ae0dc735ecc977b9ea9fc4b0dcb6b536bbfde6e935ecee8ef162c5c8ada5d3931
SSDEEP

1536:bJACXCBSERHdNozUdxC+hZewI+ycHQrp/VX5eckJ:1AHPHNoId33eEZ8/aJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
966c821375bb297fb161b30e36659a0d

Files

966c821375bb297fb161b30e36659a0d
.exe windows:4 windows x86 arch:x86

3b6e3b0f276cd8981b021d6bbced6749

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

ExitProcess
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
GetModuleHandleA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.itext
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 32KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ