a286139fcc534cb36e6f748751d6bd7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a286139fcc534cb36e6f748751d6bd7e
Size

19KB
MD5

a286139fcc534cb36e6f748751d6bd7e
SHA1

11517c27a7a9933a02571252980a4704d4389b57
SHA256

be534854ec4834fe712715343b9743cf255144129e2e5978510ccc54feaf43d4
SHA512

a4b6b64c9a2ad0a2fedd49f9f52479af61b748f7d584f4f05d2e993d56fe6f3dd217a7ba2e684df821ca886916067c8722d057aaaf5309ccb939896d89351148
SSDEEP

384:quieNyx0naqXlDapnqF1oLAVLCb0Pl8gRE+kh3:qulO0n5InAxBkh3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a286139fcc534cb36e6f748751d6bd7e

Files

a286139fcc534cb36e6f748751d6bd7e
.exe windows:1 windows x86 arch:x86

75d4c4439f8b0948dfdf859edb42d33b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

msvcrt20

malloc
__p__iob
fwrite
_fsopen
printf
fclose
exit
_exit
_XcptFilter
free
_initterm
__getmainargs
__p__commode
__p__fmode
_except_handler3
_controlfp
__p___initenv
strchr

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 23B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 716B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 616B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 270B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ