af7d253be413cdaade55005fe77e2800ce4697d889473fa2f72e39faeb41a276N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

af7d253be413cdaade55005fe77e2800ce4697d889473fa2f72e39faeb41a276N
Size

257KB
MD5

0ef8cbc349d4bb8a2c88e3e01bcd2400
SHA1

60682d5eb299fb2fd88f27b0a4d2b3f742e14938
SHA256

af7d253be413cdaade55005fe77e2800ce4697d889473fa2f72e39faeb41a276
SHA512

f474bc22477942b23623e8745105e02f3c0fa458a5071792b4514eca3a76bd6015d730fcc85e14b870c0792c495845b94abda5e4cdcde1546855085e801d75ee
SSDEEP

6144:WgHgr3KvvBTm2J91lkmp+pIeKr5ky6ROyJPt39:HHe3KvvBTm2JfP8XkWLOcB9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
af7d253be413cdaade55005fe77e2800ce4697d889473fa2f72e39faeb41a276N

Files

af7d253be413cdaade55005fe77e2800ce4697d889473fa2f72e39faeb41a276N
.exe windows:4 windows x86 arch:x86

806cdf88058876dfa366d97ae01c0fb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
CreateFileA
GetWindowsDirectoryA
LoadLibraryW

user32

GetSystemMetrics

msvcrt

memcpy

advapi32

RegOpenKeyExW

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 760B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g5
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g4
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.g
Size: 246KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ