21dc2edb9be774f413970d3056bb48de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21dc2edb9be774f413970d3056bb48de
Size

751KB
MD5

21dc2edb9be774f413970d3056bb48de
SHA1

18d3979540238cb1c9b4217e3caaa1cb2ef8bca9
SHA256

5b6cf9a5f0abbc91f56bbeb75d4ac2f61828836f1006c4b1c72ddb70e4cb4da8
SHA512

5bd29a9e84e5429abda40004f227c9644e6193af93088cf1e2e79d708cd1a4919a2c9545e7d633c9d98d243612d70c4b2e2b40ed88cca18e29755c2541653a4e
SSDEEP

12288:GtOpRjFJppRmp7uNRlox4hwfn6/aBFhYasna/ygubvzrhYUnOjZyT5OTRCEn:9pVFHpRu7gKhC/aBvGa/3LZylp0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21dc2edb9be774f413970d3056bb48de

Files

21dc2edb9be774f413970d3056bb48de
.exe windows:4 windows x86 arch:x86

07539f3192d00fa204c4019f317755ec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
DeleteFileA
GetTickCount
GetConsoleTitleW
GetCurrentDirectoryA
GetFileAttributesA
GetStartupInfoW
GetCommandLineW
FindClose
HeapSize
CreateMutexA
CreateFileA
GetEnvironmentVariableW
GetLocalTime
ExitProcess
GetModuleHandleA
SetLastError
WaitForMultipleObjects
OpenProcess
CloseHandle
Sleep
ResetEvent
GetStdHandle
RemoveDirectoryA
HeapCreate

user32

GetClassInfoA
GetDC
DispatchMessageW
MessageBoxA
DispatchMessageW
FindWindowW
GetSysColor
GetDC
GetDC
GetWindowLongA
PeekMessageA
FillRect
CallWindowProcW

vbajet32

VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ