15d9095f8bb7e08e00042f798cf84239cd611f6017b9e7f484ed49b38270edbcN[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

15d9095f8bb7e08e00042f798cf84239cd611f6017b9e7f484ed49b38270edbcN.exe
Size

42KB
MD5

de04983bc9c772680866aa353c5032b0
SHA1

f09ce9696897dc92f9adff4ebaf7ce73e78e7337
SHA256

15d9095f8bb7e08e00042f798cf84239cd611f6017b9e7f484ed49b38270edbc
SHA512

d5e938ba82619f38c29148ee74d0e5e1aa04cd359dbcd17e75a36569c5dea67cb6c3cd3c80bb295dd31233e62b9d6a7528b18d781cd511ac7c84a28fd0d1a9b3
SSDEEP

384:4Yn28lm/ij5PFUcLCWOTUNGXgZB+GA80PZxowIDpse7r1AZB9HU1ynrpdhX:4Ynfm/ij5JtJqgPxA80PZxkFEr01y3hX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d9095f8bb7e08e00042f798cf84239cd611f6017b9e7f484ed49b38270edbcN.exe

Files

15d9095f8bb7e08e00042f798cf84239cd611f6017b9e7f484ed49b38270edbcN.exe
.exe windows:4 windows x86 arch:x86

8b952403cd7980f20cd10a1500bc5902

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

StgOpenStorage
CoInitialize

kernel32

RaiseException
HeapSetInformation
GetCurrentProcess
UnhandledExceptionFilter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess

advapi32

CredFree

dhcpcsvc

DhcpDeRegisterParamChange

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ