38db6615a7f41964be04d1d1799f5ff7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38db6615a7f41964be04d1d1799f5ff7
Size

66KB
MD5

38db6615a7f41964be04d1d1799f5ff7
SHA1

3b3cd0e57da1455b236a7beeadf73d68a54b51cc
SHA256

94e3245ccdd55cd2b973fc1227ac233ba474cbdb92e7479b186aea10757ace36
SHA512

1e748556a30632d74141cf3964ff57cf1cffbc921e14bb92a8c48b79ff5c50a04eab81ea163c140acdf7b4762d7522da6eaef83628fb61788e71877eb6ca57d7
SSDEEP

1536:pWiCvR2bpmCSBILH0D6rkVYXiRyz0SBaGtqH6X08m:p/6RCpzbLUeQVYyRyZlqaE/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38db6615a7f41964be04d1d1799f5ff7

Files

38db6615a7f41964be04d1d1799f5ff7
.exe windows:4 windows x86 arch:x86

16268fb5cbd55415fa1fe2a4f01451ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetOEMCP
GetConsoleOutputCP
GetStartupInfoA
GetTickCount
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetModuleHandleW
VirtualProtect
GetLastError
DeleteFileW
HeapCreate
HeapSize
lstrlenA
WideCharToMultiByte
SetConsoleCP
GetTempPathW
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetACP
HeapAlloc
GlobalUnlock
GetModuleHandleA
GetCommandLineW
DisableThreadLibraryCalls
GlobalAlloc
SetStdHandle
ResumeThread
GetCurrentProcessId
CreateFileW
GetLocalTime
FindResourceExW
SetFileAttributesA
CloseHandle
EnterCriticalSection

advapi32

RegCloseKey
RegOpenKeyExW

user32

SetWindowLongW
LoadIconW
InvalidateRect

ole32

CoInitializeEx
CLSIDFromProgID
StgSetTimes

msvcrt

_onexit
_amsg_exit

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ