421a7e5a1f3c3d479daac25d05801ae4c8e803187369d5ef6d6dafdf629c43b4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421a7e5a1f3c3d479daac25d05801ae4c8e803187369d5ef6d6dafdf629c43b4
Size

62KB
MD5

53893f0d8896807ab193ae1ddad9a14c
SHA1

07f076e17b24b6a253a9e188daf05613df724e45
SHA256

421a7e5a1f3c3d479daac25d05801ae4c8e803187369d5ef6d6dafdf629c43b4
SHA512

be854277aecbbb1dbf76fe5d68c75f2036000f7acdb46dbe307beb07b91a7f993ec66eae0eacf0ccb800a5f7bf07d8d705f071c9662fb211d80111b74854f4d4
SSDEEP

768:8g6kEEcCHZbGqMsi0xhxmd6AU1PAZPMTm2MdtyNbvDAfPwlJEz4HbZ:T6kEyZmEmd6AU1PAZPom2MdwdcnwQz4F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421a7e5a1f3c3d479daac25d05801ae4c8e803187369d5ef6d6dafdf629c43b4

Files

421a7e5a1f3c3d479daac25d05801ae4c8e803187369d5ef6d6dafdf629c43b4
.exe windows:4 windows x86 arch:x86

794c460c5104c94553b20b16b5a764d3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
LocalFree
lstrcpyn
CreateFileA
CloseHandle
CreateEventA
ResetEvent
WriteFile
WaitForSingleObject
CancelIo
ReadFile
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
LCMapStringA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiGetDeviceInterfaceDetailA
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA

msvcrt

_CIfmod
__CxxFrameHandler
strncmp
memmove
modf
sprintf
atoi
_ftol
free
malloc
strchr
realloc
??3@YAXPAX@Z

user32

wsprintfA
GetSystemMetrics
DispatchMessageA
TranslateMessage
GetMessageA
PeekMessageA
MessageBoxA

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ