431dfeeb5eb8181be0310f4b6b419094 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

431dfeeb5eb8181be0310f4b6b419094
Size

190KB
MD5

431dfeeb5eb8181be0310f4b6b419094
SHA1

647276e27ad2e1104c46768c547ea5dc06b8e512
SHA256

e536297ddac8d86e8ccad09645abc06d85174fcea3f13f13ea0d554f918e231c
SHA512

f721fa382068ebb9b4455a3f1610d37a622bd23957ab938c3241d737cdfad618ba2a4940541ccbc9a98fd9b9804c7641cfbecf37629351bcbbaaf0edcd0b88ae
SSDEEP

3072:sVFyVBQnRt3vaeRsCyRKLsOq+mlYLU6RCgP2lxcvodemNQX3tmgbnzdAPht:O8sR1ZmBNlYLUcpP2lxcX4y5APht

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
431dfeeb5eb8181be0310f4b6b419094

Files

431dfeeb5eb8181be0310f4b6b419094
.exe windows:4 windows x86 arch:x86

e83507f6e1f32a304531246546855299

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdiplus

GdipGetImageWidth
GdipDisposeImage

shlwapi

StrDupW
PathIsUNCW
PathSkipRootW
PathGetArgsW
SHRegGetValueW
PathFindFileNameW

ole32

CoGetDefaultContext
StringFromGUID2
CoInitialize
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree

kernel32

GetModuleHandleA
GetProcessId
LocalFree
OutputDebugStringW
InterlockedExchange
GetCalendarInfoW
lstrcmpiW
GetModuleFileNameW
VirtualProtect
GetModuleHandleW
SearchPathW
CreateDirectoryW
SetEnvironmentVariableW
GetCurrentThreadId
GetFileInformationByHandle
EnumResourceNamesA
SetLastError
LocalAlloc
VirtualQuery
lstrlenW
GetFileAttributesW
ExitProcess
WideCharToMultiByte
GetProcAddress
DuplicateHandle
InitializeCriticalSection
OutputDebugStringA
FreeLibrary
MultiByteToWideChar
GetLastError
GetCurrentDirectoryW
GetCurrentProcess
Sleep

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ