38d351e28ddb689552ed574db85874c9e2bb144d96f6907f82c5a4c1d928e745 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d351e28ddb689552ed574db85874c9e2bb144d96f6907f82c5a4c1d928e745
Size

6.4MB
MD5

d1d78e2bf657e01d4874614346e74607
SHA1

bc85d845aa4df53da2d7655f7fd9fc7fad3359cf
SHA256

38d351e28ddb689552ed574db85874c9e2bb144d96f6907f82c5a4c1d928e745
SHA512

67e148432d8f54df1ecf5bbd99c73bce55bdc97c1b00709587473eba51cd7233851766a3ac78eb38ba60686128652ca71ffd347328cbab5f9b0c831001329b6c
SSDEEP

98304:acBwuCPZ8dtrailfQpyifeOzI8dxRpQ26G9NSuwT:JBntMQDyu26G9NSuwT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d351e28ddb689552ed574db85874c9e2bb144d96f6907f82c5a4c1d928e745

Files

38d351e28ddb689552ed574db85874c9e2bb144d96f6907f82c5a4c1d928e745
.exe windows:5 windows x86

b45050640641b943f516b33288c6c9b9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree

user32

DestroyWindow

gdi32

DeleteObject

psapi

GetModuleFileNameExW

imagehlp

CheckSumMappedFile

comctl32

InitCommonControlsEx

msvcrt

malloc

iphlpapi

GetInterfaceInfo

advapi32

RegOpenKeyExA

Sections

.text
Size: 5.4MB - Virtual size: 5.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 911KB - Virtual size: 912KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sedata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ