71383f895a6a8d7263028c70380aeab9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71383f895a6a8d7263028c70380aeab9
Size

85KB
MD5

71383f895a6a8d7263028c70380aeab9
SHA1

726421ea58993b076f5614c0bb798a8205fa2dbd
SHA256

3ee6b1b1de47be98a712074b7c90f5d2de3557e70e0bf337b5dfe16ece3d12c3
SHA512

d71b10e8253ffea6dba0adb4bf5514b2fbdb177ab489f810a9193ceac25a2e6bac2a47261ac00a777090fc479954fdd55e17f7a247a41b6cb9900207acdc7461
SSDEEP

768:Ss1CGhPK+3hl9sjHHHYhuD+piPiN7nyfKEDEv4yRAiYJ87zuyeVwvcJ:IaPNhHG6jpJ7mKEAvWRK76ym

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71383f895a6a8d7263028c70380aeab9

Files

71383f895a6a8d7263028c70380aeab9
.exe windows:4 windows x86 arch:x86

42d06036d7e04dc9449c6722b2a8a15f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
GlobalUnlock
GetExitCodeProcess
GlobalFree
GetStdHandle
HeapCreate
GetModuleHandleA
TlsGetValue
GetPriorityClass
GetCurrentThreadId
FindResourceA
lstrlenW
VirtualQuery
DeleteAtom
LoadLibraryExW
CreateMutexA
ReleaseMutex
SetEnvironmentVariableA
SetLastError
CreateFileA

user32

SetFocus
FillRect
CallWindowProcA
GetDlgItem
CheckRadioButton
CreateWindowExA
CreateMenu
IsWindow
DispatchMessageA
DrawEdge
GetDC
DrawMenuBar
GetIconInfo

ntshrui

SetFolderPermissionsForSharing
IsPathSharedW
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA
IsPathSharedA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE