00187005544fcf371a50ee2ace2f8340N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

00187005544fcf371a50ee2ace2f8340N.exe
Size

62KB
MD5

00187005544fcf371a50ee2ace2f8340
SHA1

135dd48891ec204bdf0fbb74568073aeb9928da9
SHA256

26d8701ceafc3d3716e842eb516418cc8dfb112574e9cf33c1405919750636a6
SHA512

75b852a5ba1d7473294d4c0a45634845a98ff2c6bb52f9d7c75b2ec1df0ab366973f9fb7991c6ba0d125219a16fa89e9032d8c109ea31be543e1cc6b0ccfade7
SSDEEP

1536:vTkwPeSMb9y9BJHEiJwlJQavcKtrH6gVTKu6JdWPVp4XBx2UfmcOUbsob28bwO:7OlJ7LugVTKuIdWPVWXBx255msoK89

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
00187005544fcf371a50ee2ace2f8340N.exe

Files

00187005544fcf371a50ee2ace2f8340N.exe
.exe windows:4 windows x86 arch:x86

3287d7ac1a93ccfcf43c6354d56ee2bf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStringTypeExA
GetTempPathW
GetFirmwareEnvironmentVariableW
GetProcessWorkingSetSize
GenerateConsoleCtrlEvent
DeleteTimerQueueTimer
WritePrivateProfileStringW
GetNumaHighestNodeNumber
FormatMessageW

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 47KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE