58de13ab2726f5ba203fcd9323830d37 | Triage

Sharing

General

Target

58de13ab2726f5ba203fcd9323830d37
Size

716KB
MD5

58de13ab2726f5ba203fcd9323830d37
SHA1

a77a340d63e6f6514bce29f4e100cd872e23bc3f
SHA256

e5fac1d1d2ba4616d9c525233a819ce1b4bd2f28e906562a1cb5a61ff73d1567
SHA512

ccd88012cb94ea491bde49ec421bc3748b4bf80501e74855c5180cf0330210f6f19d485d4a23ef24fe70f471424b187752f988d690bfb4ac24bf501e8c5b2420
SSDEEP

12288:wIea+MbZQknFU0GLzhAli0g6+TNm6ovS+UCOjuILrAoVJAtOYr/P8Te+OkJmR9WV:wIUknF2n+AH6H/UCOj3r/ItpbPqe+9JJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58de13ab2726f5ba203fcd9323830d37

Files

58de13ab2726f5ba203fcd9323830d37
.exe windows:4 windows x86 arch:x86

32cd76a622580a988127fc8bfbd963cf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
WaitForSingleObject
GetVersion
HeapWalk
GetTickCount
GetProfileIntA
InterlockedExchange
VirtualProtect
SetEvent
CloseHandle
CompareFileTime
FindAtomA
GetACP
ResetEvent
HeapReAlloc
TlsFree
GetModuleHandleA
LoadLibraryW
GlobalUnlock
lstrlenA
GetAtomNameA

user32

GetDlgItem
LoadIconA
GetKeyboardLayout
DestroyMenu
GetParent
CopyRect
PostMessageA
GetWindowLongA
EqualRect
GetSubMenu
InsertMenuA
SetSysColors
SetWindowPos
TranslateMessage
EnableScrollBar
ModifyMenuA
GetScrollRange
DialogBoxParamA
GetMenu
GetWindowTextA
ShowWindow
MessageBoxA
InflateRect
UpdateWindow
GetMenuStringA
PostQuitMessage
ScrollDC
SetPropA
DispatchMessageA

userenv

GetGPOListA
RefreshPolicy
GetProfileType
LoadUserProfileA
FreeGPOListA

apphelp

ApphelpCheckExe

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ