04e197c60dd36ace547c4de4f3743ff9b0271e49ee2898585a0d9df6609255ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

04e197c60dd36ace547c4de4f3743ff9b0271e49ee2898585a0d9df6609255ef
Size

76KB
MD5

a33cef87cec95af807dd83b0f5eea8fa
SHA1

1fd3ae4040964302f35b6ab3a00c49d29707b023
SHA256

04e197c60dd36ace547c4de4f3743ff9b0271e49ee2898585a0d9df6609255ef
SHA512

53630a3752807a3efd253bb4162cdca1c4a91296f38e336f489d91befae0a33f7c22a31927f70d6de74dd166618aa9a6d1614e29bdb3aa45de9e50124b1083b3
SSDEEP

1536:DqodsDBbR5uF2IMJsz1vQrL4P0kRUAghwGtM6dmIJNRjEErxTWDTMqhGKYIZTETw:DqodUJR5uF2fJ01vQ3o0hwx6dLNRjBkX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04e197c60dd36ace547c4de4f3743ff9b0271e49ee2898585a0d9df6609255ef

Files

04e197c60dd36ace547c4de4f3743ff9b0271e49ee2898585a0d9df6609255ef
.exe windows:4 windows x86 arch:x86

a49f587a2d1734240e13d41c420f02c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameW
IsWow64Process
MoveFileW
EnumDateFormatsA
LocalAlloc
GetCurrentProcessId
EnumUILanguagesW
SetLocalPrimaryComputerNameA
HeapCreate
CopyFileW
lstrcpyn
RegisterWowBaseHandlers

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE