749afee60f5703211f9ca7e01fbc046c59b2bad6181163315e94b617c1616a4a | Triage

Sharing

General

Target

749afee60f5703211f9ca7e01fbc046c59b2bad6181163315e94b617c1616a4a
Size

161KB
MD5

076b31714e6dd774c74f603508a69a69
SHA1

8244fb53d7636042bf2f2a3dc24dcdf60eb9c049
SHA256

749afee60f5703211f9ca7e01fbc046c59b2bad6181163315e94b617c1616a4a
SHA512

908e2b6fba0faa7eaa7c008653934f7bf45d81cec3e863abf7160b86a02f3ebc67345dd20de3824b901f86cc667623d10f49801db97ff66b3984f5f51ae7cae5
SSDEEP

1536:Ua1cZRjEVg8ndaAzxEm/JvbwCf4lxevMyc+4qEKvg0L4pE64OWQ7esW57Brw:1OR4VaAR/JvbwCwUvAl8wqOb7257Bs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
749afee60f5703211f9ca7e01fbc046c59b2bad6181163315e94b617c1616a4a

Files

749afee60f5703211f9ca7e01fbc046c59b2bad6181163315e94b617c1616a4a
.exe windows:5 windows x86 arch:x86

e02b3b2a28003967aba212e57cff3f3c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetScrollPos
DrawTextW
BeginPaint

kernel32

OpenFile
DeleteFileA
ExitProcess
FlushFileBuffers
CopyFileExA
GetCPInfo
FindClose
GetFileTime
WriteFile
lstrcatA
GetLocalTime
ExitThread
GetLastError
OpenFileMappingA
GetFileType
GetCommandLineA
HeapAlloc
HeapFree
CompareStringA
lstrcmpA

advapi32

RegOpenKeyW
RegQueryInfoKeyA
RegDeleteValueA
RegDeleteKeyW

Sections

.c2a6
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.4gcb0
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.373h
Size: 111KB - Virtual size: 475KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.71h8
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dcfa8
Size: 1024B - Virtual size: 801B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE