d6151f17430e3c9a5e252c42e3b7663d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6151f17430e3c9a5e252c42e3b7663d
Size

175KB
MD5

d6151f17430e3c9a5e252c42e3b7663d
SHA1

a63ffa2e30c097b8b005b19fa51cfe79cbec9e93
SHA256

19b096dc09ac7603739721e7e7ff30242978d7f78323e2660ec3926d1a827832
SHA512

94ce1a5e1e1e591066afc2550dae6d844b183bc01e0815239782b34b487064f797890abe2ef1ce150b90db98bd1bf865b571b2bb46b77d7e1e064fcb5f593fc4
SSDEEP

3072:qFgOkQmJjnxLduWk2G4WGmHa4dDR7UVbxl01It2nnr5XaTbUqw9cdmo:v1FRBk2GRLsxl3t2nrpaTK8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6151f17430e3c9a5e252c42e3b7663d

Files

d6151f17430e3c9a5e252c42e3b7663d
.exe windows:4 windows x86 arch:x86

697b43b99277d528afcfbb9a02d612ff

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAllocEx
MultiByteToWideChar
GetSystemTimeAsFileTime
WideCharToMultiByte
EnumResourceNamesW
CreateProcessA
RaiseException
LocalAlloc
OpenWaitableTimerW
lstrlenA
InterlockedExchange

advapi32

RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyExA
RegSetValueExA

rpcrt4

NdrFixedArrayFree
UuidCreate

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

shlwapi

PathFileExistsW

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ