7980568458b51b6953a9179802915045073a30f35ff1a330edaf972d3e711fe1N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7980568458b51b6953a9179802915045073a30f35ff1a330edaf972d3e711fe1N
Size

50KB
MD5

c6a1b32ad4e36809aeb9090fded82ff0
SHA1

91b2508029e51c428588450ab912f0d6f31ed0bb
SHA256

7980568458b51b6953a9179802915045073a30f35ff1a330edaf972d3e711fe1
SHA512

04e0cd15a53891f82b384119c41d2c4115c8bf606de4e720a2ba7feb568975b77f2da5adf713c9055a435fd3d8b0bb28e28c62774b59a29ba49e336a98aed5ec
SSDEEP

1536:h+Ds6ClDXuqweo/0khAUnJDgabGsVy6umfFlPhC:KsdXfBo/DBJBGzkP5C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7980568458b51b6953a9179802915045073a30f35ff1a330edaf972d3e711fe1N

Files

7980568458b51b6953a9179802915045073a30f35ff1a330edaf972d3e711fe1N
.exe windows:5 windows x86 arch:x86

b892955ae494fe908bdf52e81e1dfa4c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcAddress
VirtualAlloc
VirtualFree
VirtualProtect

user32

EndPaint

advapi32

RegCloseKey

shell32

ShellExecuteA

ws2_32

WSAStartup

iphlpapi

GetAdaptersAddresses

Sections

KASANOVA
Size: - Virtual size: 156KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

KASANOVA
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE