39374db5cf7466e2873df7f71013b17e | Triage

Sharing

General

Target

39374db5cf7466e2873df7f71013b17e
Size

1.1MB
MD5

39374db5cf7466e2873df7f71013b17e
SHA1

8869e2585baedaaf5f40d74802b9c2f4cd3852fe
SHA256

33f0fc922a1515cf070fad652a25c4b4feab8b683066d5acc1c9863044bbf372
SHA512

6c51d4f6a0aa57952d7dcea11256579fc721f8a268789b268bc288717c2a30e92386571c21f6511af1e72d6f2a321ec30bf51cc7527594223bb0dab9eb1d6c0a
SSDEEP

24576:cvWemcHS6h9gJLn+bg2AAmHngprHQ5BxTM7:ogcHbtWHgprQLpM7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39374db5cf7466e2873df7f71013b17e

Files

39374db5cf7466e2873df7f71013b17e
.exe windows:4 windows x86 arch:x86

93cd99753d7e990639202b516f015590

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
GetCurrentThread
GetVersion
GetCurrentProcessId
GetSystemDefaultLangID
GetUserDefaultLangID
GetSystemDefaultLCID
GetCurrentProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetUserDefaultLCID
HeapAlloc
GetProcessHeap
InterlockedIncrement
Sleep
GetStringTypeW
HeapReAlloc
GetProcAddress
FindFirstFileW
FreeEnvironmentStringsW
IsDebuggerPresent
WriteFile
InterlockedExchange
GetCurrentThreadId
SetEnvironmentVariableA
GetModuleFileNameW
LoadLibraryA
SetHandleCount
HeapDestroy
TlsGetValue

Sections

.text
Size: 332KB - Virtual size: 332KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 902B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 784KB - Virtual size: 783KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ