Static task
static1
Behavioral task
behavioral1
Sample
e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1N.exe
Resource
win10v2004-20240802-en
General
-
Target
e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1N
-
Size
260KB
-
MD5
0c42e58e13f2b440acf46fbf555c8920
-
SHA1
665f03e13f3664d3f4d5b6ba731b24a95a6f5c25
-
SHA256
e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1
-
SHA512
a6fb17a57e57ac0c34ef2c8cb37ce29b0079b8d3f09fbc66b412a995c4240316ba7a4b23e416ec8f9aae9c476e63ef3a144cf74586b28fc159c57abf36996831
-
SSDEEP
6144:E8qxwtBxLoj3nR+mDVUlctpEqxL/kiStnZ01oULPIFt:E/GLm1VLuqVc8oSot
Malware Config
Signatures
-
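Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample has none. On its own this is a weak indicator, because many legitimate programs are also unsigned, so weigh it together with the other findings.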
resource e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1N
Files
-
e721efa4e606efbda26ae1c731e7e0423994fc4793b68bb3dd91c3136238c6a1N.exe windows:4 windows x86 arch:x86
06a644de1e37b9367a1984f22650e8f9
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LoadLibraryA
CreateFileA
LCMapStringA
ExitProcess
GetCurrentProcess
user32
wsprintfA
SetWindowLongA
CreateWindowExA
CharLowerBuffA
CloseWindow
advapi32
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegSetValueA
RegEnumKeyA
RegCreateKeyA
RegDeleteKeyA
RegEnumValueA
RegQueryValueA
Sections
.text Size: 214KB - Virtual size: 216KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ