2325b3efe98551e31e095289bc622530 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2325b3efe98551e31e095289bc622530
Size

98KB
MD5

2325b3efe98551e31e095289bc622530
SHA1

51782ecc3a9cf20b6d743fab17f45a714ca13172
SHA256

791cc567e08379213eee34bbafc2d336799349877aef56e94065f3d221eff62f
SHA512

ba32fec747d51319cfaf63624b970e1932d920f377cb6223ed719be40207feb615cd9f499f7ecabddf251627b305fe6748e99271b2d50f66e75492e29c214774
SSDEEP

3072:4KO4Vl35miqQH9uIal5fP6f8TrQa+Jww8YnDok/:9dzciZH9uTfP6MQWSo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2325b3efe98551e31e095289bc622530

Files

2325b3efe98551e31e095289bc622530
.exe windows:5 windows x86 arch:x86

2f7b3ba9b1746f2c3c9296cd72018e10

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

malloc
memset
memcpy
free
rand

comctl32

ord17

kernel32

GetProcessId
VirtualQuery
GetModuleHandleA
SetEvent
CreateEventA
CloseHandle
WaitForSingleObject
CreateMutexA
ExitProcess

user32

LoadStringA
ShowWindow
GetWindowRect
SetTimer
SetScrollRange
GetScrollRange
InvalidateRect
MoveWindow
SetWindowPos
SendMessageA
PostMessageA
CreateWindowExA
DestroyWindow
FindWindowA
DispatchMessageA
TranslateMessage
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
SetWindowTextA

gdi32

CombineRgn
CreateRectRgn

Exports

Exports

?GetJHkjghfdkghfdkhg@@YGPAXXZ
?GetJfkdgklfdjglkd@@YGPAXXZ
?GetKFLksdokgdghdl@@YGPAXXZ
?GetKWKJFxgkfdlkg@@YGPAXXZ
?GetKfldksglkdfg@@YGPAXXZ
?GetYufdslgjdl@@YGPAXXZ

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 292B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ