62a90722ba3ed116a21d27d052dceee12025b8d49d7516cbded4279cba9d5f5f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62a90722ba3ed116a21d27d052dceee12025b8d49d7516cbded4279cba9d5f5f
Size

54KB
MD5

2f5f18425a63104f9c667756153fa179
SHA1

a6c939246f1ed70307e88d8b70caccd343eab1ba
SHA256

62a90722ba3ed116a21d27d052dceee12025b8d49d7516cbded4279cba9d5f5f
SHA512

2d98c70f6ae4ebc5ce2b32c3c98e94f37d9da6fa1382f5003d13965ee98629b4d598986c82e5addc007b5d85e205922f144cef0f3d68c408375fd050768245dd
SSDEEP

1536:DqMA6C1VqaqhtgVRNToV7TtRu8rM0wYVFl2g5u58dO0xXHQEyYfdhNhFO5h3xhIp:+MA6C1VqaqhtgVRNToV7TtRu8rM0wYVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62a90722ba3ed116a21d27d052dceee12025b8d49d7516cbded4279cba9d5f5f

Files

62a90722ba3ed116a21d27d052dceee12025b8d49d7516cbded4279cba9d5f5f
.exe windows:4 windows x86 arch:x86

3b884b93be1eaa99038bd3acaaa5f577

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

kernel32

GetFileSize
WaitForSingleObject
CreateThread
HeapFree
DeleteFileA
ExitProcess
lstrcmpiA
lstrcatA
GetWindowsDirectoryA
HeapAlloc
GetProcessHeap
Sleep
GetModuleFileNameA
CloseHandle
GetLastError
CreateMutexA
HeapReAlloc
FindClose
FindFirstFileA
GetProcAddress
LoadLibraryA
CreateProcessA
CreateFileA
ReadFile
WriteFile
FlushFileBuffers

wininet

InternetOpenA
InternetCloseHandle
InternetReadFile
InternetOpenUrlA
InternetSetOptionExA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.htext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE