Static task
static1
Behavioral task
behavioral1
Sample
042f2a730639a0d9c5c75132410fde89.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
042f2a730639a0d9c5c75132410fde89.exe
Resource
win10v2004-20231215-en
General
Target
042f2a730639a0d9c5c75132410fde89
Size
500KB
MD5
042f2a730639a0d9c5c75132410fde89
SHA1
e9239d51e082074b1cb8fa14a0cb28f1b28b4b77
SHA256
46e831dedf11c5230cf70ef82d23ce3d7399ad223fa0f8321a19b5c37f840bc5
SHA512
ecd876cf0212f8cb4883dcaf7f37a9eafa07d3c7103bc6f5427f75ba3b1cf7da351410490be26e49eacb7760396cdf122a4be792575670db12828ad9e35e5d07
SSDEEP
6144:pJoc58YCxZA32xGoj+RvTfCRVnGwk6+7AN3HdaMuKHdVOwLjTgEUZbcv:p74+IrO6/PV+7q3kM9dVLLjdW
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 042f2a730639a0d9c5c75132410fde89
Files
042f2a730639a0d9c5c75132410fde89.exe windows:4 windows x86 arch:x86
eadf9654376e0678cdbd8207b1ee9abe
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetLastError
GetLocaleInfoA
CreateFileW
FindAtomW
SetCurrentDirectoryW
GetTempPathW
FindAtomA
ReadFile
LoadLibraryW
WaitForSingleObject
lstrcmpiA
HeapFree
VirtualAlloc
GetACP
CreateThread
LeaveCriticalSection
SetFileTime
GetFileSize
InterlockedDecrement
GetOEMCP
HeapReAlloc
HeapAlloc
SetEndOfFile
SetHandleCount
EnterCriticalSection
InitializeCriticalSection
CloseHandle
InitializeCriticalSectionAndSpinCount
user32
LoadStringA
wsprintfA
MessageBoxExA
CharPrevA
CharNextA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
Sections
.text Size: 16KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 456KB - Virtual size: 774KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ