515a8fb4ce84ecbd4cc3eb74f0c7d24532a3633091c30f6b8f49332a1f2b1e81N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

515a8fb4ce84ecbd4cc3eb74f0c7d24532a3633091c30f6b8f49332a1f2b1e81N
Size

172KB
MD5

e68567ac37b8d2730ae02bd1d89b00d0
SHA1

9f0c8aeffad22983a22791ecadc415feb9f58b68
SHA256

515a8fb4ce84ecbd4cc3eb74f0c7d24532a3633091c30f6b8f49332a1f2b1e81
SHA512

95075ad5a883cd1e90bf517ba3aa229870567014d1e4ef3af12cb65bce72d626b6b264a4c1e1e9f2446ae7dca0b3bacf1db48d8f7511c9eb249a071c2959aeb3
SSDEEP

3072:XaA5hP2ziigP9PISxo9ooSHK/fI61xvOEMqt3kR/79CsHX:XbhciigP9PISYQHKY2VO8gJV3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
515a8fb4ce84ecbd4cc3eb74f0c7d24532a3633091c30f6b8f49332a1f2b1e81N

Files

515a8fb4ce84ecbd4cc3eb74f0c7d24532a3633091c30f6b8f49332a1f2b1e81N
.exe windows:4 windows x86 arch:x86

f61655446a3f1a078c8dab5bd45a00ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CreateFileA
GetCurrentProcess
CloseHandle
LoadLibraryA
LCMapStringA
ExitProcess

user32

CloseWindow
CreateWindowExA
SetWindowLongA
CharLowerBuffA
wsprintfA

advapi32

RegCloseKey
RegQueryValueA
RegDeleteKeyA
RegCreateKeyA
RegEnumValueA
RegSetValueA
RegEnumKeyA
RegOpenKeyA
RegDeleteValueA

Sections

.text
Size: 154KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ