21f457d2d4ee4b1b3af12579875a8c45ab10f9796586695ac5c85e4421402130[.]exe

General

Target

21f457d2d4ee4b1b3af12579875a8c45ab10f9796586695ac5c85e4421402130.exe
Size

131KB
MD5

bfbfc5f383d5a365ab7543da4fddb9e5
SHA1

2f92f7a77c1aba9c8612b288974267c02a96ad6c
SHA256

21f457d2d4ee4b1b3af12579875a8c45ab10f9796586695ac5c85e4421402130
SHA512

26126d97779aef3c76f5cc35b9292021b41317979c47422236de95cf06e1063313677b6b3f4aba502f41549ff66c5e4f1fc0e4f8fe03cac02c7928388c3466c4
SSDEEP

3072:kinktgRYiecPOdjDKCo3qEK8e2atUfFzf85u4CCZHy:XnktpDKCo3qELfd2u4CCw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21f457d2d4ee4b1b3af12579875a8c45ab10f9796586695ac5c85e4421402130.exe

Files

21f457d2d4ee4b1b3af12579875a8c45ab10f9796586695ac5c85e4421402130.exe
.exe windows:5 windows x86 arch:x86

b3101d50a4be128495b5843b59460e53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FindVolumeClose
GetVersionExA
GlobalFlags
GetDriveTypeA
GetStringTypeA
CreateDirectoryW
RemoveDirectoryA
CloseHandle
GetPrivateProfileIntA
GetCurrentThread
DeviceIoControl
LoadLibraryA
HeapFree
GetFileAttributesW
GlobalLock
GetCurrentProcess
GetStdHandle
CreateEventA
GetFileAttributesW
VirtualProtectEx
GetPrivateProfileSectionA

shell32

DllUnregisterServer
ExtractIconA
DragAcceptFiles
DragFinish
SHFree
DllUnregisterServer
SHGetSettings
StrChrA
DuplicateIcon
ShellAboutA
ShellMessageBoxA
DragQueryFileA
SHGetMalloc

ntmarta

AccConvertSDToAccess
AccFreeIndexArray
AccConvertAclToAccess
AccGetExplicitEntries

uxtheme

CloseThemeData

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 512B - Virtual size: 372B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3101d50a4be128495b5843b59460e53

Headers

File Characteristics

Imports

kernel32

shell32

ntmarta

uxtheme

Sections

.text Size: 3KB - Virtual size: 3KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 508B

.rsrc Size: 121KB - Virtual size: 121KB

.import Size: 512B - Virtual size: 372B

.text
Size: 3KB - Virtual size: 3KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 508B

.rsrc
Size: 121KB - Virtual size: 121KB

.import
Size: 512B - Virtual size: 372B