7f3406bf9d038ed767569d2dfc25e312 | Triage

Sharing

General

Target

7f3406bf9d038ed767569d2dfc25e312
Size

329KB
MD5

7f3406bf9d038ed767569d2dfc25e312
SHA1

2f09534d8fac2a2fb4099f0c93a88873ee4cb60c
SHA256

e85aa2b66042b4af8d4c50f0c1bbb7fe6866c57a182dee146a1adbb3ab76e08e
SHA512

4a7700ea2e74e9b80276e6c39349e5d146c9d9e7c4044f151890a64fe0a194af1d77276d5f403dd649d23cfb86e96237b4181f08148c1c49b62c1fa8492ff4bc
SSDEEP

6144:+Mp4vXJINg5aK0+38te/snxIW+xNsryeITPUq4:9IXJ4gBiX+0WeaUt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7f3406bf9d038ed767569d2dfc25e312

Files

7f3406bf9d038ed767569d2dfc25e312
.exe windows:4 windows x86 arch:x86

63931c2f5078634541aa13615eb7ad62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameA
Sleep
GetModuleFileNameA
GetLastError
GetTickCount
CreateMutexA
FindClose
DeleteCriticalSection
SetLastError
GetExitCodeProcess
CloseHandle
CreateSemaphoreA
GetModuleHandleA
VirtualProtect
FreeConsole
TlsGetValue
GetCommandLineA
GetDriveTypeA
SearchPathA
ReleaseMutex

shell32

SheGetDirA
ShellMessageBoxA
SHAlloc
SHGetDiskFreeSpaceA
DragAcceptFiles
DragFinish
SHGetMalloc
SHGetSettings
SHGetNewLinkInfo
ShellAboutA
DragQueryFileA
DragQueryPoint
SHFree
SheChangeDirA

loghours

ReplicationScheduleDialog
DialinHoursDialogEx
DialinHoursDialog
DirSyncScheduleDialogEx
LogonScheduleDialog

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ