3af58d26a05f0d5fc97170218f22fd65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3af58d26a05f0d5fc97170218f22fd65
Size

803KB
MD5

3af58d26a05f0d5fc97170218f22fd65
SHA1

b524cb049afe090e6e077519f6ed1b76bbde3779
SHA256

f89fdba1e39a79b84ee2383a051c3978876e9141676615cb7b45b5bf41228d01
SHA512

ab60c1dac864dc1189029d93d00c5ea77d68cc76950153ae29f9077c8d810e533bb692de84dfd73f8a824478d94a3d894a154140256c2476c4a42e97ff9b6daa
SSDEEP

12288:ee5Db6Jnsu1KJgjxW3PWUsLFtSBUiRcAu3qS6sB7s8SnpY0ccBZsJ0XQOeU:bg1K0xW3ymw/BpfcBqJke

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3af58d26a05f0d5fc97170218f22fd65

Files

3af58d26a05f0d5fc97170218f22fd65
.exe windows:5 windows x86 arch:x86

0f598c74bbb3c34dbcf02263564b8fd1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesA
GetModuleFileNameA
GetDriveTypeW
GlobalFlags
VirtualProtectEx
SetFileTime
GetModuleHandleA
GetProcessVersion
OpenEventW
CreateDirectoryA
CreateFileW
DeleteFileW
CreateFileW
GetVolumePathNameA
LeaveCriticalSection
GetCurrentThreadId
GetConsoleMode
PulseEvent
GetTickCount
HeapDestroy
InterlockedExchange
OpenMutexA
FindAtomW
DeleteFileW
SetFilePointer

user32

IsMenu
GetWindowLongA
SetFocus
MessageBoxA
GetWindowLongA
LoadCursorA
DispatchMessageA
PeekMessageA
SetRect
GetWindowTextA
DestroyIcon
DestroyMenu
wsprintfA

dot3msm

Dot3MsmFreeProfile
Dot3MsmDeInit
Dot3MsmDisconnect
DllMain

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE