374fd0ffef1285ec36ca1c4d45d2d321 | Triage

Sharing

General

Target

374fd0ffef1285ec36ca1c4d45d2d321
Size

313KB
MD5

374fd0ffef1285ec36ca1c4d45d2d321
SHA1

5737e52c21340fb6504f3af4734e4d1ff3d79a1e
SHA256

e1f66d5a0b385233e09caba59efe8471376bf5c2ece73c27d6c4698b153eb1fd
SHA512

1938cbfda5c4384c9fbf0f8b9ed2b9480945d1a1c9f6b339d951023965ce0df1e26333684027f2f6bd3a57b126fe96f03c67ba4f2490a140b0db621bd051c7b5
SSDEEP

6144:HVPH/wwALEUzYa1Qvq9bQDbafszUuXjncFTB91arSFGciNoixv4UOEs:HVP/wP44KyxQbaUzUuXUfgrpciNoixvy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
374fd0ffef1285ec36ca1c4d45d2d321

Files

374fd0ffef1285ec36ca1c4d45d2d321
.exe windows:4 windows x86 arch:x86

ba5cea20253132f0576e5f836945785f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
GlobalFree
GetTapeStatus
GetCommState
ExitThread
GlobalCompact
VirtualAlloc
GlobalFlags
GetProfileStringA
GetOEMCP
DeleteAtom
FindAtomA
GetStdHandle
GetProcessHeap
RaiseException
EnterCriticalSection
CreateHardLinkA
LoadLibraryExA
CloseHandle
ClearCommBreak
GlobalLock

user32

GetWindowTextA
ShowWindow
GetForegroundWindow
GetFocus
GetClassInfoExA
DrawEdge
RegisterClassA
IsIconic
ValidateRect
GetActiveWindow
CloseWindow
GetDC
BeginPaint
EndPaint
GetClassNameA
GetWindowTextLengthA
ReleaseDC
GetWindow
GetParent

wsock32

WSAGetLastError
WSAAsyncSelect
WSAStartup
WSACleanup
WSAIsBlocking

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ