e178541404b41262e08430bee3bf7db0501aa662f8ba393e983e406bd3d36e0a | Triage

Sharing

General

Target

e178541404b41262e08430bee3bf7db0501aa662f8ba393e983e406bd3d36e0a
Size

119KB
MD5

caf33f676da7aa31ab95c555b2b4dc77
SHA1

7ef07c1abdc68872b1c458f97bfacc31ce4191f9
SHA256

e178541404b41262e08430bee3bf7db0501aa662f8ba393e983e406bd3d36e0a
SHA512

6ae70c24064d3c6b97e2a6e501829cafd69e9a0a181abe822143643adde24c690a9e04308bd1c4b6c30d774d7888f0a0bb28f93af3cdc827b8e58413078a2b23
SSDEEP

3072:XigZRqeYOmDQ3sOucneDk81/6/j5BL1hhgaxT5Y2IGw9w:XLzLuCe481/ij5Z1L5L+w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e178541404b41262e08430bee3bf7db0501aa662f8ba393e983e406bd3d36e0a

Files

e178541404b41262e08430bee3bf7db0501aa662f8ba393e983e406bd3d36e0a
.exe windows:4 windows x86 arch:x86

eaa360ac612df468bfc29e23034491e1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResolveLocaleName
GetEnvironmentStringsW
ResumeThread
GetSystemTime
GetNextVDMCommand
EncodePointer
EncodeSystemPointer
GetCalendarInfoA
EnumSystemLanguageGroupsA
lstrcpynW
lstrlen
GlobalAddAtomExA

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 105KB - Virtual size: 126KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE