377b575de002e91f01a781d27f22bd13 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

377b575de002e91f01a781d27f22bd13
Size

133KB
MD5

377b575de002e91f01a781d27f22bd13
SHA1

029b9cf12ab8422b656b98350c540de65d9852b7
SHA256

166da24c3ee5877c30886f7f2f839abdfcf2530fb1e11e98806c2d329bdfed78
SHA512

ea46272362eb4143ebe49d702aab65cc6bf6ee5c36bf992386b1fac5f63c7a67d035cc038e97adf296537ba976cb4a553f620a3e6567be7736828500c1409cc7
SSDEEP

3072:lRwXXm02jkcp+JxdwDizaZqVuwA1Fl1g51YM860d5:EDhc8Jo2akVuwoFl1kLR0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
377b575de002e91f01a781d27f22bd13

Files

377b575de002e91f01a781d27f22bd13
.exe windows:4 windows x86 arch:x86

6581dc2c0cd4aebf5c1ab5c194b18f30

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_DrawEx
ImageList_Read
ImageList_Create
ImageList_GetBkColor
ImageList_Write
ImageList_DragShowNolock
ImageList_Draw

kernel32

SetFilePointer
FindClose
GetProcAddress
GetCurrentProcessId
CloseHandle
WaitForSingleObject
VirtualAlloc
LoadLibraryA
lstrcmpiA
SetLastError
DeleteFileA
ExitProcess
SetErrorMode
Sleep
GetOEMCP
GetCurrentThreadId
GetCPInfo
HeapAlloc
GetACP
GetCommandLineA
LocalFree
FreeResource
GetTempPathA
EnterCriticalSection

version

VerInstallFileA
VerFindFileA

user32

RedrawWindow
PostMessageA
GetMenu
GetDC
PeekMessageW
IsCharLowerA

Exports

Exports

_B8PyfN9eX8sVea@8

Sections

CODE
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.lkdata
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.jdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ