24a37deae06b1c5adacb0ddb75527e27e5d2c4ea0ddce9e78fe154de5a2a35f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

24a37deae06b1c5adacb0ddb75527e27e5d2c4ea0ddce9e78fe154de5a2a35f6
Size

7.8MB
MD5

68bd43722bb2581127544164d0139b00
SHA1

b91fbd8a37490e17e68050ecff7e9a8a73d86692
SHA256

24a37deae06b1c5adacb0ddb75527e27e5d2c4ea0ddce9e78fe154de5a2a35f6
SHA512

a21eef511d485bc04762d79fef2ac6e69864c6d9efd97ff24a114c71d75d2e7af5ed984e373a547f045594e41af39e757c228afd84d934070d631b7a2e726c42
SSDEEP

196608:gSdQQd8FC0WemyCvPvEr53+09KPr6TorQVFOnR:/dZ0WrjZPR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24a37deae06b1c5adacb0ddb75527e27e5d2c4ea0ddce9e78fe154de5a2a35f6

Files

24a37deae06b1c5adacb0ddb75527e27e5d2c4ea0ddce9e78fe154de5a2a35f6
.exe windows:6 windows x64 arch:x64

43d8de54265239bd44838a627225717e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

ntdll

RtlPcToFileHeader

kernel32

GetConsoleOutputCP
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

GetWindowThreadProcessId

advapi32

RegOpenKeyExW

Sections

.text
Size: 143KB - Virtual size: 143KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 500B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yJ,
Size: 4.8MB - Virtual size: 4.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.a%y
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.}D)
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ