0343f9897f9aede24492d2613303398b | Triage

Sharing

General

Target

0343f9897f9aede24492d2613303398b
Size

373KB
MD5

0343f9897f9aede24492d2613303398b
SHA1

b7dbe70311eab1900ae387c6adbcfa3d32d67e71
SHA256

5c84abd449f4cece30a6b28dd521e43bb94b9695e993bd9b30225e51985d355e
SHA512

469669bbc4f6bee986e2a4e23509f86cf7cf799426ee491d1d5b8c7ffd5b2137f6c39fdf94098ac398731ba7da4824f83551c7e4527b0d8aa1ef5b2206f65550
SSDEEP

6144:P59fvTlmN69pboqm/HuOZwSYbyeKRqu7637WiHS7iD0/kTG11SvT:DTlB9tZ2wJl37WiH5JvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0343f9897f9aede24492d2613303398b

Files

0343f9897f9aede24492d2613303398b
.exe windows:4 windows x86 arch:x86

c2856705caa8c09f5354e4c8f66ce711

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
UnmapViewOfFile
lstrlenA
LocalFree
HeapCreate
lstrcpyA
GetComputerNameA
GetSystemTime
GetModuleHandleA
ResetEvent
GlobalUnlock
GetCurrentThreadId
Sleep
FindClose
GetCommandLineA
GetCurrentDirectoryA
CreateThread
CloseHandle
PulseEvent
LoadLibraryW

user32

GetDlgItem
CheckRadioButton
DrawEdge
FillRect
DrawMenuBar
CreateWindowExA
GetCaretPos
DispatchMessageA
CallWindowProcA
SetFocus
IsWindow
GetDC
CreateIcon

cryptui

CryptUIDlgSelectStoreA
CryptUIDlgSelectCA
CryptUIDlgCertMgr
WizardFree
LocalEnroll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 284KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 299KB - Virtual size: 300KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ