Static task: static1
Behavioral task: behavioral1
Sample: 32cea0de41655fc1d4d63f4b2bb43da4.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 32cea0de41655fc1d4d63f4b2bb43da4.exe
Resource: win10v2004-20231215-en
General
Target: 32cea0de41655fc1d4d63f4b2bb43da4
Size: 668KB
MD5: 32cea0de41655fc1d4d63f4b2bb43da4
SHA1: a2675d898fcc2a527efc85394c735b659c6b7f6e
SHA256: cb8a3839bb7c7e83e8e5adf3ff43371f48f78b9d913428f13630f3cf1bd20279
SHA512: 874ac161a7757416e5aae0e088b4505861f0ce8237a49f58877de73b332637f6b6e2f337c187421c69410d9ff079c995de10b0bb24ec68042b654712019cb7b3
SSDEEP: 12288:g55Ncy6Eb73+zI+o5bZXVaBM0pwPDTJNZ5VliuXa:gCyjezS1FaNwn5VUf
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 32cea0de41655fc1d4d63f4b2bb43da4
Files
32cea0de41655fc1d4d63f4b2bb43da4.exe windows:4 windows x86 arch:x86
e32261c61dee82b82245afda46dd3651
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
PathRemoveExtensionA
PathFindExtensionA
StrChrA
kernel32
GetExitCodeProcess
CreateThread
ExitProcess
FindResourceA
CloseHandle
WriteFile
CreateFileA
SizeofResource
LockResource
LoadResource
FindResourceExA
FreeLibrary
GetProcAddress
LoadLibraryA
GetModuleFileNameA
WaitForSingleObject
CreateProcessA
lstrlenA
GetCommandLineA
lstrcatA
lstrcpyA
user32
wsprintfA
LoadStringA
Sections
.text Size: 1024B - Virtual size: 904B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 891B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 8B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 665KB - Virtual size: 664KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ