0898694b8d1042684be65b5ebdbb5527da8118ab7df77c63d68463c40c998b35 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0898694b8d1042684be65b5ebdbb5527da8118ab7df77c63d68463c40c998b35
Size

3.6MB
MD5

693005c7acaca166645c64ca2665ea77
SHA1

34909bca278f5c9ab6d1cfcad633b925317103ef
SHA256

0898694b8d1042684be65b5ebdbb5527da8118ab7df77c63d68463c40c998b35
SHA512

13121b9295bb775b68daa2083aff9bca18e4c369cfcd26d514de708953dc564e9063b298284515aa5264b51661fca960e7ed692a868d62d08256847bbbf7ecd1
SSDEEP

98304:mtBJtw/Pj+E5vMIEdde37q+NAdvjbeL+:QwdvKdde3G++SL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0898694b8d1042684be65b5ebdbb5527da8118ab7df77c63d68463c40c998b35

Files

0898694b8d1042684be65b5ebdbb5527da8118ab7df77c63d68463c40c998b35
.exe windows:5 windows x86 arch:x86

b982dee85a91b63194762d3c0df61a25

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ord17

kernel32

WaitForSingleObject

user32

SendMessageA

comdlg32

GetOpenFileNameA

advapi32

RegSetValueExA

shell32

SHGetSpecialFolderLocation

ole32

CoInitialize

Sections

.text
Size: - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx0
Size: - Virtual size: 3.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.upx1
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.upx2
Size: 3.5MB - Virtual size: 3.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ