a23dc79bf6702ae1dd00f55ab3ccc374 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a23dc79bf6702ae1dd00f55ab3ccc374
Size

174KB
MD5

a23dc79bf6702ae1dd00f55ab3ccc374
SHA1

85b7004c2a125f6637e15c4ca1620e6d58579ddc
SHA256

cf2e4bb14e0c80c95c912efccb1ce35acb5871111c9a8b61f55c34b302fdf25f
SHA512

b78642c3c2f946ddb23db42d55c76a2f1f2e1a44eadee13fb99a42f77b2dd249124cf138c4ff4a902feab32eba762fb344011559973d4d75ce568ea3518c9cc4
SSDEEP

3072:kGnmmtrkIZE7lxPPiNJ/ccnsUQs+wyqJk4f1QsKHFaUdKgXtluK0:+aZE7l9P8J/cgsxsfJk49Qs+HdXt8K0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a23dc79bf6702ae1dd00f55ab3ccc374

Files

a23dc79bf6702ae1dd00f55ab3ccc374
.exe windows:4 windows x86 arch:x86

287fabf77b376fd3a7362214f292f10c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
CreateFileA
LoadLibraryA
ExitProcess
GetCurrentProcess

user32

CloseWindow
wsprintfA
CharLowerBuffA
SetWindowLongA
CreateWindowExA

advapi32

RegDeleteKeyA
RegEnumKeyA
RegCreateKeyA
RegDeleteValueA
RegEnumValueA
RegCloseKey
RegQueryValueA
RegOpenKeyA
RegSetValueA

Sections

.text
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ