74408308bc51da491b088b40df8dd4e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

74408308bc51da491b088b40df8dd4e2
Size

89KB
MD5

74408308bc51da491b088b40df8dd4e2
SHA1

c0dde6e766b5ec71b044857132a37e353934bfd9
SHA256

4ef92258428b14af86f712f5bb94a718c1bb419cdbe94f28c6d81444dbaa0f0c
SHA512

a17a8c5df1d819690df1460e0bdefa5c00d1ecb32c8cc02d4bb757564a816daa31c6d4a73652e3d1d72ca9660163af47a0e97c9b8b98e029cc67b27bad9122f8
SSDEEP

1536:Ef1rduhbOAetTNOinDrZhQcnprVF9TGyjc:QdHAeB4idpxF9iyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74408308bc51da491b088b40df8dd4e2

Files

74408308bc51da491b088b40df8dd4e2
.exe windows:4 windows x86 arch:x86

027b4b3c2c918f192cde7541e4192ccf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
Sleep
TlsGetValue
CloseHandle
GetCalendarInfoA
ReleaseMutex
ExitProcess
GetModuleHandleA
GetTickCount
GetLastError
GetDiskFreeSpaceA
lstrlenA
SetEvent
FindVolumeClose
FindAtomA
CreateThread
SearchPathA
FindClose
VirtualProtect
FindResourceExA

user32

EndDialog
GetMessageA
IsIconic
CloseWindow
GetUpdateRect
DispatchMessageA
DragDetect
EnableWindow
GetScrollBarInfo
CreateMenu
CopyImage
GetKeyState
DialogBoxParamA
CreateWindowExA

msdmo

DMOGetTypes
DMOUnregister
DMOGetName
DMORegister
DMOEnum

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE