Static task: static1
Behavioral task: behavioral1
Sample: 6172420746_fa5b926e2967cdfee0551d316f9e7929.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 6172420746_fa5b926e2967cdfee0551d316f9e7929.exe
Resource: win10v2004-20240802-en
General
Target: 6172420746_fa5b926e2967cdfee0551d316f9e7929
Size: 619KB
MD5: fa5b926e2967cdfee0551d316f9e7929
SHA1: 89839d11de95eeb4b5a6ccb146ad0e0c9ee3448c
SHA256: 90ffda536e508bc81be7a4906ed4d9d2a4d9f2563f459e86fa8961f67b4ba3cf
SHA512: 14fb907e620423cd043f3b0ef7248d8da266e791da459982d05eaaa68a3f7c105c45fe6220dc0d5d1a3d995c7d46f1e6837f5631558d6a6505c2401a93417928
SSDEEP: 12288:StuMpKtYY0UPy1ihHD6xfRIA8D+rprUcCzpFDsQxT:iK2Ky1Dx5HTxUF7T
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6172420746_fa5b926e2967cdfee0551d316f9e7929
Files
6172420746_fa5b926e2967cdfee0551d316f9e7929.exe windows:4 windows x86 arch:x86
81c349d533e3cc43ff4ccc8fb65f89d5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
ExitProcess
CreateFileA
GetCurrentProcess
CloseHandle
LCMapStringA
user32
wsprintfA
SetWindowLongA
CreateWindowExA
CharLowerBuffA
CloseWindow
advapi32
RegEnumValueA
RegDeleteValueA
RegQueryValueA
RegCreateKeyA
RegDeleteKeyA
RegCloseKey
RegSetValueA
RegEnumKeyA
RegOpenKeyA
Sections
.text Size: 560KB - Virtual size: 560KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ