421ebddedb1b0af622000e4946c16311 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

421ebddedb1b0af622000e4946c16311
Size

451KB
MD5

421ebddedb1b0af622000e4946c16311
SHA1

32bcf033af76357fba2382611f9992b611d29f88
SHA256

7ce2a240876b4adc3a26a7529d2579c15667e067c01b797b7a93e8e800b783e6
SHA512

f9fee00af9fd7e9ae69fc2d235b22f88fcd4d4ad32a5389f4f84d1d9c6e5d062cebb888b0e24c6c39006b408e208668ca09ddac26af0687996114656954728f0
SSDEEP

6144:ILa5ayXKA6P196JHZLLDoqPeGn7tJBMOuwgz0wW07MpezITXcntdxa8Wg2rikW:iayA6r61doqPFuwJ0WXctXa80ri

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
421ebddedb1b0af622000e4946c16311

Files

421ebddedb1b0af622000e4946c16311
.exe windows:5 windows x86 arch:x86

285f36d698bfaada52791ac7a9b70eeb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
HeapFree
CloseHandle
WriteFile
GetFileTime
EnterCriticalSection
HeapCreate
GetCurrentDirectoryW
GetDriveTypeA
GetModuleFileNameA
ExitThread
lstrlenA
FindVolumeClose
GetFileAttributesA
GetFileType
WaitForMultipleObjects
IsBadReadPtr
GetCommandLineW
MapViewOfFile
LocalSize
CancelIo
FindClose
GetModuleHandleA
FindVolumeClose
SetFileAttributesW

uxtheme

GetThemeTextMetrics
DrawThemeEdge
GetWindowTheme
GetThemeEnumValue
GetThemeColor
OpenThemeData
DrawThemeBackground
CloseThemeData
GetThemeTextExtent
IsThemeActive
GetThemeBool
SetWindowTheme
CloseThemeData

dmocx

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 444KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE