e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c | Triage

Sharing

General

Target

e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c
Size

318KB
MD5

20a173c16e96e74dd72d4c1f007dde02
SHA1

2b3793d27a10a79a48b60117a6f61e4edd3a0971
SHA256

e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c
SHA512

6c2631e081d69bfae4d9593f6ce939a9a0fd6af6d08487ef1f56cbc30d498a72ff5711638ec49ebef988bb1d026ff314c51eb8ae6a7bbefebf6e73f73e294e68
SSDEEP

6144:F8xKWjsObiZKDAX0jH0o2zq9DmQ3LOotL4gr:FW9biZKm4H8zq9Fjtdr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c

Files

e404f209fb43a16bcc1cd873641c31a9cd0e604928d28b2a9b6f9862a99ebc1c
.exe windows:4 windows x86 arch:x86

231425377893abb7b2ff9764e70528f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

mpr

WNetOpenEnumA

version

VerQueryValueA

wsock32

WSACleanup

winmm

waveOutSetVolume

Sections

CODE
Size: 35KB - Virtual size: 176KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WinLicen
Size: 54B - Virtual size: 54B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE