320c64be4cf476450af25cbe07ebabdb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

320c64be4cf476450af25cbe07ebabdb
Size

476KB
MD5

320c64be4cf476450af25cbe07ebabdb
SHA1

f7e8e8b427ed0357b56d23032b9be78e175c15cd
SHA256

1927144947ef20f5a28b79b29c0e42e7e19c3288f4aab9408d16e4a8bcfeacb6
SHA512

5001a1109b81f5c08b05ef12564328f1c1e0323fead3c9198f68ac24a5b9c0983ffc8b0970abe932fb691500b515dcb0a22b83ee5e18178ed3cc46f57e4e3e00
SSDEEP

12288:EFIstUlB58IU9fU4hHWqKmINyTbaFqo1A0AIw:wt4B5jv46mTbi+0N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
320c64be4cf476450af25cbe07ebabdb

Files

320c64be4cf476450af25cbe07ebabdb
.exe windows:4 windows x86 arch:x86

0638e7adeab76f2cf661c4f775964a40

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

NtQuerySystemEnvironmentValue

user32

GetWindowLongW

kernel32

GetThreadLocale
GetVersion

Sections

.text
Size: 471KB - Virtual size: 472KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 263B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE