342245b4f131b4951d5ea1c2732141ef | Triage

Sharing

General

Target

342245b4f131b4951d5ea1c2732141ef
Size

803KB
MD5

342245b4f131b4951d5ea1c2732141ef
SHA1

86c728d69db0337fa96ec9a790dcb618872b5479
SHA256

b2864af6d28e761c4e6c1aebd222ead6544d9e80c23507779905757ae9803a42
SHA512

718e946252602e4e8c66aab186fd3f0585e7d24c48f162782864370957cd8c4046eb107a111d0df2380512385744a75ce04991e28bc0d0a9610ef904dd8d082a
SSDEEP

24576:5c/TxYZwLi9H3Q/fcXGkMMX+h0ou8RnVF7PoKL:2/Tx6H3efcgbCiT7wK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
342245b4f131b4951d5ea1c2732141ef

Files

342245b4f131b4951d5ea1c2732141ef
.exe windows:5 windows x86 arch:x86

99b666455df2a53eee2dc29b95a87b1e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetConsoleMode
GetProcessVersion
GetDriveTypeW
CreateDirectoryA
InterlockedExchange
VirtualProtectEx
OpenMutexA
SetFilePointer
DeleteFileW
GetCurrentThreadId
GetModuleHandleA
DeleteFileW
HeapDestroy
GetModuleFileNameA
FindAtomW
CreateFileW
SetFileTime
GetFileAttributesA
CreateFileW
OpenEventW
GetTickCount
PulseEvent
GetVolumePathNameA
GlobalFlags

user32

GetWindowLongA
SetFocus
IsMenu
PeekMessageA
GetWindowLongA
wsprintfA
GetWindowTextA
DestroyMenu
MessageBoxA
DispatchMessageA
SetRect
DestroyIcon
LoadCursorA

dot3msm

Dot3MsmDisconnect
DllMain
Dot3MsmDeInit
Dot3MsmFreeProfile

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE