26e23a0748cb04701a6c7db1ef78f7638de570bb04ebbac9aa84bc214dc7aabc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26e23a0748cb04701a6c7db1ef78f7638de570bb04ebbac9aa84bc214dc7aabc
Size

20KB
MD5

505a64ad0d9595a613fd6b0dce7de6fb
SHA1

bf6cc3fae1398533748bd506bcad36974fdb51c5
SHA256

26e23a0748cb04701a6c7db1ef78f7638de570bb04ebbac9aa84bc214dc7aabc
SHA512

9ed1b98400c9d4188f4386647d441fa43934a0825c118d1693d85e3662e546eebb2dba23a0d9018ddf94967ff934f51d0b92ae32e78cf179af317cf51fdf547c
SSDEEP

48:yFbcdx6IE+lXsNrcYlMaLHJQ47heAGLlLRtboyl1AQgV6ThccFLuHlLsr8bpLYC:8F7biUeA8lLRtboynA5oFzLgb1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26e23a0748cb04701a6c7db1ef78f7638de570bb04ebbac9aa84bc214dc7aabc

Files

26e23a0748cb04701a6c7db1ef78f7638de570bb04ebbac9aa84bc214dc7aabc
.exe windows:4 windows x86 arch:x86

877c8a49b0e03d8502c0d91f0d412528

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

fjfbucmn

?FjLaunchProgram@CFjFBUCommon@@SAHVCString@@AAK@Z
?FjLaunchProgram@CFjFBUCommon@@SAHVCString@@@Z
?GetApplicationPath@CFjFBUCommon@@SAHPAVCString@@@Z
?IsSlate@CFjFBUCommon@@SAKXZ

mfc42u

ord540
ord925
ord800

msvcrt

__set_app_type
_except_handler3
_controlfp
__p__fmode
exit
_adjust_fdiv
__setusermatherr
_XcptFilter
_exit
_initterm
__getmainargs
_acmdln
__p__commode

kernel32

GetStartupInfoA
GetModuleHandleA

advapi32

ReportEventW
RegisterEventSourceW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
DeregisterEventSource

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 340B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ