ecab880c2616f9b3ff19fb74d06929a9331b895954043b60dc8d81f736f96741 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ecab880c2616f9b3ff19fb74d06929a9331b895954043b60dc8d81f736f96741
Size

916KB
MD5

3022da9ae0c8ba55855ad0b08c0c54f1
SHA1

fb8cfe8434f5100cc0ff2bd0a847dcbd19bc622d
SHA256

ecab880c2616f9b3ff19fb74d06929a9331b895954043b60dc8d81f736f96741
SHA512

8787438438689c5133a0b7b31f86070973dbc222eb3bfd0d2ea73482c3de58c0d7cc880dddc568735efaf4840aecda27cbbb07838c09f5b31b1cf7e33da24afd
SSDEEP

24576:jOSytyg+79z23RyFMf4za6J+4k8re8mJ3eFW39A2i07NkoX+fGqzGcD:n7yR2sAc3+W3WYkooOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecab880c2616f9b3ff19fb74d06929a9331b895954043b60dc8d81f736f96741

Files

ecab880c2616f9b3ff19fb74d06929a9331b895954043b60dc8d81f736f96741
.exe windows:4 windows x86 arch:x86

3a8897c84eb41f36b4bbabcc617408b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 128KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 776KB - Virtual size: 776KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ