f1339b21f571a0e9017102b66de32af75a6ac7b9ac276456b8e34fefd7d00a51N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f1339b21f571a0e9017102b66de32af75a6ac7b9ac276456b8e34fefd7d00a51N
Size

43KB
MD5

efff876ac3e1240b6525a60fa42f4960
SHA1

b7ca41abd111acf92e44f6ec308bfaaec58b6c29
SHA256

f1339b21f571a0e9017102b66de32af75a6ac7b9ac276456b8e34fefd7d00a51
SHA512

a8e32a20f4e1c521479a0a5e2a933e9d47a7f6755da0d4ca85031c14cbcb86a781a7dd58aeada086976387850f9d4bb72ac82c9a0e16bdb1cb5845cc609cc822
SSDEEP

768:emJKK3ciA8KxCp9dK3AIkVKVKX057iyOFyx6KHc/eoX8CeX0r8PGa9Lva:dJvMi+CpNIz2miyQy7K8LyAt9W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1339b21f571a0e9017102b66de32af75a6ac7b9ac276456b8e34fefd7d00a51N

Files

f1339b21f571a0e9017102b66de32af75a6ac7b9ac276456b8e34fefd7d00a51N
.exe windows:4 windows x86 arch:x86

1359a50ea21b312f0f42427815c5f387

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
MessageBoxA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

Sections

.text
Size: 21KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE