e23aafbe57a58f302b4f6ee19ce5fcce | Triage

Sharing

General

Target

e23aafbe57a58f302b4f6ee19ce5fcce
Size

19KB
MD5

e23aafbe57a58f302b4f6ee19ce5fcce
SHA1

b33d45b7543cd81de3d8c06b9219ec7605710551
SHA256

a2d53a525fa5c5c77a38ba9c7a1a759267e313aca806d064570fc068e913cf45
SHA512

e83d08a654e98e33c1b1f5384e2ae401e5261823e3fbb440f7ecdd7b29687a2ed10bcaddb26b669c8a87055257f6d2d9d4215ebfaafd0c88322cbe4b1ce4ebd8
SSDEEP

384:AQEJH3vLovF12pBFD5IU4P1SQATxELBEzR:IBzij24Szt0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e23aafbe57a58f302b4f6ee19ce5fcce

Files

e23aafbe57a58f302b4f6ee19ce5fcce
.exe windows:4 windows x86 arch:x86

f45a61d8b4e099fd05f8626032b932c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strlen
memset
strcpy
strrchr

kernel32

WinExec
CopyFileA
lstrcatA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
LoadLibraryA
CreateMutexA
GetVersionExA
OpenProcess
GetCurrentProcess
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
WriteFile
CreateFileA
GetSystemDirectoryA
lstrcpyA
GetProcAddress
FreeLibrary
GetLastError

advapi32

RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
OpenProcessToken
AdjustTokenPrivileges
RegQueryValueA
LookupPrivilegeValueA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ