c9915fcff4c31e6ca514e59e31f9f4d2 | Triage

Sharing

General

Target

c9915fcff4c31e6ca514e59e31f9f4d2
Size

254KB
MD5

c9915fcff4c31e6ca514e59e31f9f4d2
SHA1

93bd7918d352b9e071f6e149d70337199a25231f
SHA256

f453a03c86004d016d567e718d9222d297bc2023a38f3b6dd9a563f3764573c0
SHA512

28515a993b16eed6eacc73575b0dd2fa62c1fa6020a0c0f5cd213debfa1f3653b16e50bbf2e130c91ab8972942cc8ce17b8ff0ec372ae3ed079d2e6f1a29b965
SSDEEP

6144:pRIcMXDEvzhtPrDPhMLeVZAvSBjEg4nwnnjSs3EjU0cMCu:kclvzLDPhCEwq/E40BCu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9915fcff4c31e6ca514e59e31f9f4d2

Files

c9915fcff4c31e6ca514e59e31f9f4d2
.exe windows:4 windows x86 arch:x86

219fd51129b2e6ba447194a3ab7448f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

CharNextA

oleaut32

SysFreeString

advapi32

RegSetValueExA

ole32

OleInitialize

pstorec

PStoreCreateInstance

rasapi32

RasGetEntryDialParamsA

shell32

SHGetSpecialFolderPathA

crypt32

CryptUnprotectData

Sections

CODE
Size: 246KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE