309385c35cc302390183815fa06bfd94 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

309385c35cc302390183815fa06bfd94
Size

64KB
MD5

309385c35cc302390183815fa06bfd94
SHA1

5dd2b262a2ee477ab3bcbc1b4ad09783bff78e43
SHA256

cff77196f5a4b86422ffd7a79c6d769335b4aa1201bbb12ba7695315213c6470
SHA512

34bfb6b1d512ca5a1e48a4adef0850432974532cf24f4573c55f20d4eac56d86accc18480fb81f9674121fae7db39f612d3a48200bc331a67a3d58cd4ab15da8
SSDEEP

1536:FlI+PMNeqwFTUZ+sGcbXRy6qmbhlvYH1lztQvfNpPhmtufeK2E:F2iMobMbXRyGb3AH1JoXwd/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309385c35cc302390183815fa06bfd94

Files

309385c35cc302390183815fa06bfd94
.exe windows:4 windows x86 arch:x86

1f70ab8b9f61219911c7c569b6988fcc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDirectoryW
GetCommandLineW
HeapAlloc
GetModuleHandleA
SetConsoleCP
GetOEMCP
GetFileType
VirtualProtect
SizeofResource
GetStartupInfoA
SetStdHandle
ExitProcess
CreateFileA
MultiByteToWideChar
GetConsoleOutputCP
GetThreadLocale
InterlockedExchange
GetACP
Sleep

user32

DeleteMenu
GetDlgItem

ole32

CoTaskMemFree
CLSIDFromString

gdi32

GetDeviceCaps
CreateFontIndirectA

rpcrt4

I_RpcBCacheFree

msvcrt

_initterm

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE