d7a1c23bb0f2aa6c06db90a099fa027e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d7a1c23bb0f2aa6c06db90a099fa027e
Size

88KB
MD5

d7a1c23bb0f2aa6c06db90a099fa027e
SHA1

16f2034e9ac8bf387be6425ae052a8c02086cf30
SHA256

63beb2b37f1d46f888bf239cb779d0b240e9032f6f1001022c21fe145d281b6f
SHA512

3d445c83c8b32a9a0bf82c6d3ebc3455cbc941b750d601f6085e6ae017756a40539ce825bfddd2effaba840b68b6c9d8c31dc0059f475d088e95adf7c0f87e75
SSDEEP

384:HrYJ7ACEZdbS30lwgn71/COYBsf1LttkE+zIfwkcsf/4yTX9DVV3qtfUjpE0Wn:EJ7urw3i8EoIfUi/TtDKtsjpXs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d7a1c23bb0f2aa6c06db90a099fa027e

Files

d7a1c23bb0f2aa6c06db90a099fa027e
.exe windows:4 windows x86 arch:x86

6abc07f8725616ad05ce2e5b362c3952

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetModuleHandleA
GetLastError
SetLastError
GetProcAddress
Sleep
ExitProcess
GetCommandLineA
CreateThread
FreeLibrary
GlobalFree
CloseHandle
GlobalAlloc
GetStartupInfoA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyA

msvcrt

strlen
memset
_except_handler3
strcpy
strstr
_exit
_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_controlfp
strcat

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 908B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.srdata
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE