02316cefd7c079e12f21ee1a18e5c0d6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

02316cefd7c079e12f21ee1a18e5c0d6
Size

806KB
MD5

02316cefd7c079e12f21ee1a18e5c0d6
SHA1

fcd05e3d1e3b6426e431013bbc451dd161be2b2d
SHA256

32efe3fcb5dcb1de7eca6482c7ab8dd53bf6c5aac331955875a7ad1e3f9a0b18
SHA512

95a0af701e58d6632347507bf92dc482de8e535e699129f6c599cbc592e95e3a02997fad45d445336b90ffc4f7d8e61ff79f8bd64f87caf4beed79d2d728c17a
SSDEEP

12288:25GzsQ7hVXuSJurkhHqf1ur5wLa/ZC5mNMFWZmW5jDTxXN0fH9jFveQSbm2zs:8GVhUrJf1pqQ5CMMmWhBatFveX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02316cefd7c079e12f21ee1a18e5c0d6

Files

02316cefd7c079e12f21ee1a18e5c0d6
.exe windows:4 windows x86 arch:x86

a33eed335db96d03ff36809b4fa9c857

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateThread
InterlockedExchange
ResumeThread
VirtualAlloc
FreeConsole
GetModuleHandleW
GetMailslotInfo
GetPrivateProfileIntW
GetDriveTypeW
ResetEvent
GetACP
CloseHandle
LocalFree
LocalSize
GetExitCodeProcess
GlobalFree
GetEnvironmentVariableA
FindVolumeClose
lstrlenA

user32

CreateWindowExA
EndDialog
DispatchMessageA
GetCursorInfo
GetSysColor
DrawStateW
GetSysColor
GetClientRect
SetFocus
GetKeyboardType
CallWindowProcW
IsWindow
GetClassInfoA

qedit

DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllUnregisterServer
DllGetClassObject

hdwwiz.cpl

InstallNewDevice

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 797KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ