Static task: static1
Behavioral task: behavioral1
Sample: 30a9d55be2841d0b0e4ee023060ac1fb.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 30a9d55be2841d0b0e4ee023060ac1fb.exe
Resource: win10v2004-20231215-en
General
Target: 30a9d55be2841d0b0e4ee023060ac1fb
Size: 308KB
MD5: 30a9d55be2841d0b0e4ee023060ac1fb
SHA1: e182429fcce6aa07e15d1e65d64bd481a01869c3
SHA256: 9ce536921270a87067308fb6323cc8462fdcc5180fafb273469a2ed7a8be16a5
SHA512: 9e507f15b0cf2d6e080c0a0f134fe9435da361d7a472ff5e86c11bb9ab8cf7c2016684356bf1c8d8d884c9e3242be316f473e9ddc128ed408d6f94b87ea06126
SSDEEP: 6144:SQXeWNShiCR6+fFFHZdJP8iqxGEpOjrQMfH7qUq0pncbT5mGEE+P5+uyD:SQuW4ZBfFfE4EArQUm50tcbTw5IuyD
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 30a9d55be2841d0b0e4ee023060ac1fb
Files
30a9d55be2841d0b0e4ee023060ac1fb.exe windows:4 windows x86 arch:x86
e2456febc39cf78f23778928e85fe3a0
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
LockResource
LoadResource
SizeofResource
LoadLibraryA
VirtualFree
GetModuleHandleA
FreeLibrary
FindResourceA
CreateFileA
GetProcAddress
WinExec
GetTempPathA
GetModuleFileNameA
CloseHandle
GetShortPathNameA
GetTickCount
LoadLibraryExW
SearchPathA
ExitProcess
MoveFileExW
GetCommandLineW
WriteFile
GetTempFileNameA
VirtualAlloc
user32
UpdateWindow
MoveWindow
GetWindowRect
GetDesktopWindow
EndDialog
DialogBoxParamA
SetDlgItemTextA
CreateWindowExA
ShowWindow
advapi32
RegSetValueExW
RegCreateKeyExW
shell32
CommandLineToArgvW
Sections
.text Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 56KB - Virtual size: 55KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 180KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ