130b7031c2df1618d25154a205df44e8 | Triage

Sharing

General

Target

130b7031c2df1618d25154a205df44e8
Size

23KB
MD5

130b7031c2df1618d25154a205df44e8
SHA1

8aa6bf4568e15cfb5e8975fd32aa34164dc6ad6e
SHA256

7decb1830d0d180b766f03bafdb7eb4472af39263d580fe2be62b908e9158e18
SHA512

b38922f7a6a18c0d6237420d8479131eafce3918ed5c41dd0eed3fbc3e5e5da761da22eed57e748a44311ecad01f8cedc4fae68deab7ee9abb3453a808043c95
SSDEEP

192:KTnwqWJC86JqtCf/JMGxEdvwNkAXeQnWf5Fn+2x6VmPE7GgKIKx8A:K30CtqMyVqyQnWvnTQIwGgKVuA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130b7031c2df1618d25154a205df44e8

Files

130b7031c2df1618d25154a205df44e8
.exe windows:4 windows x86 arch:x86

006d4df056d6113a457f87980cb88fb1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetLastError
GetModuleHandleA
CreateEventA
Sleep
GetCommandLineA
FreeLibrary
LocalAlloc
GetStdHandle
GetStartupInfoA
GlobalFree
lstrcpyA
GlobalAlloc
CloseHandle

gdi32

CreateSolidBrush
CreateCompatibleDC
SetPixel
GetObjectA
CreateFontIndirectA
GetDeviceCaps
GetTextMetricsA
GetPixel
SetBkMode
GetStockObject
SelectObject
BitBlt
MoveToEx
ExtTextOutA
GetTextColor
SetROP2

user32

CreateWindowExA
LoadIconA
ShowWindow
MessageBoxA
EndPaint
BeginPaint
DialogBoxParamA
PostQuitMessage
DestroyWindow
DispatchMessageA
GetMessageA
GetSysColor

msvcrt

toupper
__p__fmode
memmove
_XcptFilter
_acmdln
_exit
__setusermatherr
_initterm
__p__commode
_controlfp
__CxxFrameHandler
wcstoul
_adjust_fdiv
wcslen
_except_handler3
exit

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ