338c33f74ddbebea789edaf7cd9c41d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

338c33f74ddbebea789edaf7cd9c41d8
Size

43KB
MD5

338c33f74ddbebea789edaf7cd9c41d8
SHA1

e6b164435ad1b8b5f2748067d33e70304bfd088c
SHA256

33ba920481ac6b48dcd29148fcd714e00841db4949da59d426d6c8a890dcaae1
SHA512

662c444f5ad10b22dd448b8e8c29f5824d726bb491f8f663336822ef6b9b44e40b587c7c6ff02e02924d4291f120d9f29d676b22b76ee75e56d86771a046af0b
SSDEEP

768:PxkME1ZpeT57S6hEVrMDSFnrz3aF6DiqYEvhmjKEcSMxiZigOkfBsNXF2vj:PxteZpM7rKVmSBz3w6mqJvhmjK5ZxMbq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
338c33f74ddbebea789edaf7cd9c41d8

Files

338c33f74ddbebea789edaf7cd9c41d8
.exe windows:5 windows x86 arch:x86

f9f638aaf9a6bedbfdf93ac6f4984867

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptDestroyKey

msvcrt

abs

user32

GetFocus

kernel32

LoadLibraryA

Exports

Exports

ºormatDesktop@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatGUI@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatGUIMonitor@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatHandle@888GPAUHINSTANCE__@@U_COMMPROP@@`D
?FormatWindow@888GPAUHINSTANCE__@@U_COMMPROP@@`D

Sections

.bhgj
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.uni
Size: 512B - Virtual size: 383B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.ansi
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ