de843193682e2a940636007866ea133f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de843193682e2a940636007866ea133f
Size

7KB
MD5

de843193682e2a940636007866ea133f
SHA1

092dbd4e692fb2584ec5d2471cd1ec3d5c4b86d0
SHA256

e0534a71da7a70f39b6264549bcfcec71c96d639c0fcb503f6c83868670c13a2
SHA512

cd294d9435cbbc744f3ad24873c260a4891dcc169e34147d03ade1709cf6aeb9b5ed2ae7973ea607d78672bac2d5f53e3930cbacffd7d161cdcb40c89ba3d3fe
SSDEEP

192:7r14EVAtR5JmdAwbv/IO1Mi2/wxYoPr5mMs:vl6tR5JmTxk/wxYoD5mM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de843193682e2a940636007866ea133f

Files

de843193682e2a940636007866ea133f
.exe windows:4 windows x86 arch:x86

b940cadb80c6ab17c0d6c9725b30af77

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
HeapFree
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
Sleep
MoveFileW
GetSystemTimeAsFileTime
DeleteFileW
lstrcpyW
lstrlenW
GetEnvironmentVariableW

user32

MessageBoxA

Sections

.text
Size: 7KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE