Static task
static1
Behavioral task
behavioral1
Sample
22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5bN.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5bN.exe
Resource
win10v2004-20240802-en
General
Target
22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5bN
Size
383KB
MD5
76541c5433fba740fb49c32c8b043c90
SHA1
83af1c7c2e248e3ce83b0d900a98348229289745
SHA256
22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5b
SHA512
44fd91372fed37ded38966710c78fdf87dbca2e05b91720d5688c6a94a8ef364a5733b551d67a7e47770596268d7a9978fb6af8f95a6ccfd58c0e4e85febb46c
SSDEEP
6144:SwhBEHzWpUfPNr+DRD5fWBuxBl11tbpuziGzPl1rzGz6YEqbXrK3HVlFPqln5qFV:bhB2zWSdWJZRxPPQiGz/46YEeX239PAw
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5bN
Files
22742c97d098d8151d8ce2f6b86df6e5fbbe35123030f6aab5302e553bb36b5bN.exe windows:5 windows x86 arch:x86
b85f7741a49f0e564ff0742d092b0400
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleFileNameW
CreateFileW
GetFileSize
ReadFile
CloseHandle
VirtualAlloc
GetModuleHandleA
GetProcAddress
LoadLibraryA
VirtualFree
GetProcessHeap
GetCurrentProcess
TerminateProcess
HeapAlloc
HeapFree
Sections
.text Size: 358KB - Virtual size: 357KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 512B - Virtual size: 436B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 22KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ