dea376a4d07de513a77a4f9a2900c904 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dea376a4d07de513a77a4f9a2900c904
Size

170KB
MD5

dea376a4d07de513a77a4f9a2900c904
SHA1

3e0ce6a50063f9426794e4d20c88ab4ef4983647
SHA256

f241169ae4c1b531e738a2c0c73b2e279d93baf3d700cf1e787a7553c0fceb25
SHA512

bbc721ddcad17f676092e15616616dc9e9f8095884663d040109b2a3c62e34badd8b7222900985570fead3ab28f82a92e6f48400ab9a04c3daf1c89061377016
SSDEEP

3072:VtV6MAUF2yW8VWhsA0YFIW0nKFuX/FKGnA:96BUF7RIgW0KFuX/tA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dea376a4d07de513a77a4f9a2900c904

Files

dea376a4d07de513a77a4f9a2900c904
.exe windows:5 windows x86 arch:x86

e52fc8f511500f85790a2a6db0bd8d75

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegLoadKeyW
RegCreateKeyA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyExW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegFlushKey
RegCreateKeyW
RegEnumValueA
RegCreateKeyA
RegOpenKeyW
RegDeleteKeyA
RegQueryValueA
RegOpenKeyExA
RegCreateKeyA
RegCreateKeyA
RegOpenKeyExA
RegOpenKeyA
RegEnumKeyExA
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyA
RegEnumKeyW
RegEnumKeyA
RegQueryValueA
RegOpenKeyExA
RegQueryValueExA
RegFlushKey
RegCreateKeyA
RegOpenKeyW
RegQueryValueW
RegDeleteKeyA
RegDeleteKeyW

kernel32

ExitProcess

user32

IsMenu
GetMenu
IsWindow
LoadCursorA
CopyImage
GetFocus
AppendMenuW
GetScrollPos
GetScrollInfo

Sections

.molhl
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ngjdp
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.emca
Size: 127KB - Virtual size: 466KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bjhnp
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.flafb
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ