e04499f8b4b6e138b19b5bc8b80e4042 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e04499f8b4b6e138b19b5bc8b80e4042
Size

20KB
MD5

e04499f8b4b6e138b19b5bc8b80e4042
SHA1

61fbd08f78ffdc0852162a8df7b4c215dbbec8aa
SHA256

2189da27f2d6c5914fcd33b50158d2b76984cf4554158442489a2116ac152a07
SHA512

d56ea91c6dcde1d2b18adf6356c582a9c7b065d4b2fe221e4af5910ada6047a448af9622b2bf5d5991350a677839d57b6a3ded9bd053bc78735e79b7c1964bb6
SSDEEP

384:opjPxVqNMDVzZ7UTw6AlT+WymHDLyM8nYG8ROr:ohPxV4MhzZ7UTyiWyTnYGL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e04499f8b4b6e138b19b5bc8b80e4042

Files

e04499f8b4b6e138b19b5bc8b80e4042
.exe windows:4 windows x86 arch:x86

5a951100f7cfad9794160ae09f737d02

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidCodePage
TlsFree
FreeLibrary
TlsGetValue
TlsSetValue
GetModuleHandleA
GetThreadPriority
GetStartupInfoA
Sleep
GetCurrentProcess
TlsAlloc
GetCurrentThread
CloseHandle
VirtualAlloc
GetCurrentThreadId
GetCurrentProcessId
GetCommandLineA
GetModuleFileNameA
GetDriveTypeA
GetSystemDefaultLangID
GetLogicalDrives

user32

RegisterClassA
GetWindowDC
GetClassLongA
BeginPaint
GetDC
ShowWindow
GetWindow
UpdateWindow
GetSystemMetrics
GetFocus
GetWindowTextA
ReleaseDC
GetForegroundWindow
GetWindowLongA
OpenIcon
GetActiveWindow
IsWindowVisible
CreateWindowExA
GetWindowTextLengthA

advapi32

RegOpenKeyExA
RegCloseKey
IsTextUnicode
GetUserNameA
RegQueryValueExA
RegCreateKeyExA

version

VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ