01fde7cb9550bac04543b607d2fc7907 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01fde7cb9550bac04543b607d2fc7907
Size

213KB
MD5

01fde7cb9550bac04543b607d2fc7907
SHA1

f9a9cc00b870f85f05c1e66c2c8b2a5bd29b2752
SHA256

cb8e2c44071b79da3f02403d20f3f0d7dbff4b49a67e37c0e38265fc40f46794
SHA512

b3c3975c4f9e7c722bffea79634567c9dc3f90b934c257eae25902a2e075a2becd3d20d955101c3981bb0481c85c597d8d88dbdd7a0936990b812907f4e440a5
SSDEEP

6144:KwyNcKnABDZwmufZ1bJrPPmJeAjEehcI:FdBledJr3mMCf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01fde7cb9550bac04543b607d2fc7907

Files

01fde7cb9550bac04543b607d2fc7907
.exe windows:4 windows x86 arch:x86

e473d2d7fd34d63b9f78e38d43e99cfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

GetOpenFileNameA
ChooseColorA
FindTextA

user32

GetIconInfo
GetDCEx
GetSysColorBrush
CharLowerA
GetForegroundWindow
GetMenuItemCount
IsCharUpperA
GetMenu
IsZoomed
GetCapture
GetDesktopWindow

kernel32

EnumCalendarInfoA
Sleep
VirtualAllocEx
ExitProcess
EnterCriticalSection
GetFileAttributesA
GetStartupInfoA
lstrcmpA
GetStringTypeA
GetEnvironmentStrings
CreateFileA
MulDiv
MoveFileExA
GetTickCount
CompareStringA
GetThreadLocale
GetCurrentThreadId
IsBadReadPtr
GetLocalTime
GetLocaleInfoA
CreateThread

gdi32

SelectPalette
GetPixel
CreateCompatibleBitmap
CreateBrushIndirect
GetBkMode
SetPixel

shlwapi

PathGetCharTypeA

Exports

Exports

4nRvH7jHE@12
_zBv68sriiUR
VFKnyT1HE3ys@8
_Qa_f4y3epmG9

Sections

.text
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 197KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ