234e80edb338ee40e26726da2d5006af | Triage

Sharing

Copy URL Twitter E-mail

General

Target

234e80edb338ee40e26726da2d5006af
Size

309KB
MD5

234e80edb338ee40e26726da2d5006af
SHA1

32409552a75252621eef71c39c2399ca96148915
SHA256

3500f4125034d4236986d1aab6f4bd51b8cadd25edf1f65d1bddfdff1309dc86
SHA512

bfe04ea39d32c2fb298b7a3ae24c74e796bad39e4e6ce2380059a53e447201ee3d997eb55feb5b6a4c1ebf4d13a93cf5cd3f3d7822f91d5d458d4331731e0849
SSDEEP

3072:2ALgTpIgeRECariqXvSo+Teo4gZpU55GUlVP/pDpVcPvfzI0XjHYshi5CZcwRt5o:2FtNSonoa55T35pVUlYIiIZcu8jc40

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
234e80edb338ee40e26726da2d5006af

Files

234e80edb338ee40e26726da2d5006af
.exe windows:5 windows x86 arch:x86

0277c815b9ab3fd3006e521091d37b13

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetStartupInfoW
CreateDirectoryA
LeaveCriticalSection
CreateFileA
GetProcessHeap
GetConsoleMode
GetFileAttributesA
CreateFileA
VirtualProtect
InterlockedExchange
GetModuleHandleA
GetLocalTime
DeleteFileA
CancelIo
LocalFree
GetDriveTypeA
HeapDestroy
GlobalLock
GetConsoleAliasA
GetModuleFileNameA
FindClose
ReadConsoleW
DeleteFileA
GetFileTime

user32

GetWindowTextA
PeekMessageA
IsZoomed
GetKeyState
GetSysColor
IsWindowEnabled
GetWindowLongA
LoadCursorA
DispatchMessageA
MessageBoxA
GetWindowLongA
GetWindowDC
wsprintfA

d3dxof

DllGetClassObject
DirectXFileCreate
DirectXFileCreate
DllCanUnloadNow

advapi32

IsValidSid

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 297KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE