343099af7752f105137840299b0ea837 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

343099af7752f105137840299b0ea837
Size

126KB
MD5

343099af7752f105137840299b0ea837
SHA1

64a2a7947864da6e7322452dfe42f69f2b422a87
SHA256

8ae9888d1300bcfd5366427c116e3ea4a6b82128db7ac191cb8ecafa48e7913c
SHA512

66b7d576f14eb0de09edab1e326164a22ab2dd7b0d9f3dfcc33f287cb1b180921c6392298275922c51fd7ba245a7b60710e61c98b24aec6d5beadd1314050ae4
SSDEEP

3072:ei/eWQ/582z7Jx2a8+e5xoZI/ttY32tf5bXwbbsQlI3:vt02a8RxomeWf1gvsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
343099af7752f105137840299b0ea837

Files

343099af7752f105137840299b0ea837
.exe windows:4 windows x86 arch:x86

2cb0dd57e52f010921be59dcf0a64bec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExA

oleaut32

SysAllocStringLen
SysReAllocStringLen
SafeArrayCreate
SafeArrayUnaccessData
GetErrorInfo
OleLoadPicture
SysFreeString
SafeArrayPtrOfIndex
SysStringLen

kernel32

GetFullPathNameA
GetFileType
GetFileAttributesA
GetCommandLineA
ExitProcess
ExitThread
IsBadHugeReadPtr
GetLastError
GetFileSize
LoadLibraryA
VirtualAllocEx

gdi32

BitBlt
CreateFontIndirectA
GetObjectA
SetBkMode
CopyEnhMetaFileA
CreateBitmap
RestoreDC
GetTextColor
GetDIBColorTable
GetRgnBox

user32

KillTimer
TranslateMessage
UnhookWindowsHookEx
CreatePopupMenu
UnregisterClassA
GetMenu
GetSysColorBrush

Exports

Exports

_w5mCnPhqZjK
iPqTHB5JHp01@4
vfjDX58uGzmT45
_FjAhGovb3@16

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ