075b40db16f243dfa85396a91df410cb | Triage

Sharing

General

Target

075b40db16f243dfa85396a91df410cb
Size

164KB
MD5

075b40db16f243dfa85396a91df410cb
SHA1

6aa5050dc3133a4d695f362a18c83df96aadbde8
SHA256

568fee0c7ae0a9c47e4acceb668ca6136f1521e4a2f851cb0866a0188636980c
SHA512

64922408e9355e35d29d01967c64ac59bb0583281d9075145305c55ade1b35157c7d77242b32670a99cf3d5f80df351cd4ee7995b17930a8c385f615a491c3cb
SSDEEP

3072:NrsDzSaDAYUySqQgFQlKNyXsJHkfDQtoycF4K3VsmSSU6XOEvAe9:Nrza0YbSqfFyK0X9ESVsm9eV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
075b40db16f243dfa85396a91df410cb

Files

075b40db16f243dfa85396a91df410cb
.exe windows:4 windows x86 arch:x86

7dfcaf91e7576236a03499bf587e62ec

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
lstrlenW
GetModuleHandleW
GetProcAddress
LockResource
MulDiv
GetPrivateProfileStringW
InitializeCriticalSection
Sleep
LoadLibraryA
FreeLibrary
LoadLibraryW
EnumResourceTypesA
WritePrivateProfileStringW
GetVersionExA
FindFirstFileW
GetPrivateProfileIntW
MultiByteToWideChar
GetTickCount
FindClose
GetDllDirectoryW
GlobalSize
DeleteCriticalSection
LoadResource
GetModuleFileNameW
GetVersionExW
GetLocaleInfoW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

shell32

DllGetVersion
SHGetFolderPathW
ShellExecuteExW
ShellExecuteW
ShellExecuteExA
SHFileOperationW
SHBrowseForFolderA
SHGetPathFromIDListA
CommandLineToArgvW
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ