f88c098046d9f0f6590ffe1fcd1af93f331c89ffbc4a88fd9f8b3c309449b955 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f88c098046d9f0f6590ffe1fcd1af93f331c89ffbc4a88fd9f8b3c309449b955
Size

928KB
MD5

3c5eb526898cc753740d10123d2bc54a
SHA1

077279ff1b6e3769c216004ee00a39abe0a75df6
SHA256

f88c098046d9f0f6590ffe1fcd1af93f331c89ffbc4a88fd9f8b3c309449b955
SHA512

2412a82b25138cb188f37a37843deb4a89028acc0715bcd4b76a6685308e3acad63e608bb4228112a0805ff649c4fbeb9b5642915d5c9c7f4bee59fb4f3aba7d
SSDEEP

24576:To/k95b42ekdg2TQ+ZTeFJCi4V2WDckX2Hl4bVpGcUMvGb:TN34wdzsQKjbWgq2HlMV7Ob

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f88c098046d9f0f6590ffe1fcd1af93f331c89ffbc4a88fd9f8b3c309449b955

Files

f88c098046d9f0f6590ffe1fcd1af93f331c89ffbc4a88fd9f8b3c309449b955
.exe windows:4 windows x86 arch:x86

3a8897c84eb41f36b4bbabcc617408b8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress

msvcrt

strncpy

iphlpapi

GetInterfaceInfo

psapi

GetMappedFileNameW

user32

GetWindow

advapi32

RegDeleteKeyA

shell32

SHGetFolderPathW

Sections

.text
Size: 128KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 788KB - Virtual size: 788KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ