31e0aebff300d9772fd24ed4ee48414b | Triage

Sharing

General

Target

31e0aebff300d9772fd24ed4ee48414b
Size

121KB
MD5

31e0aebff300d9772fd24ed4ee48414b
SHA1

cac603a5b30fbbea44ef170ba27e68949c871ddc
SHA256

c6e88b6026087f9204eae9d344dd857fb5b7b820b35cefa36f940dc305fc304b
SHA512

2e4507342242bf7a3e1da190ef15a07916337ddc601d19f4e2a63666eaa8a7678ca6c91023bf7d5f5275e60f0ba38f04c09d2cf73c586e2ae4e65294571a34c3
SSDEEP

3072:NXvvRDNzgfAtykj7Y4GMSxNmyEsH5DFHEjrTznBt:N/JBzntnjbGPxNmyXH5RQ1t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31e0aebff300d9772fd24ed4ee48414b

Files

31e0aebff300d9772fd24ed4ee48414b
.exe windows:4 windows x86 arch:x86

4501f0f4bcc646a898d54d563cbe3707

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
VirtualProtectEx
LoadLibraryA
ExitProcess
GetLastError
OpenThread
GetThreadContext

user32

PostMessageA
IsChild

Exports

Exports

IsFnwhanxg
GetWukjsnoc

Sections

.text
Size: 3KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA2
Size: 3KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enewdat
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ