fe31313a86d29f218150085e1dc8aaca | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe31313a86d29f218150085e1dc8aaca
Size

166KB
MD5

fe31313a86d29f218150085e1dc8aaca
SHA1

11b399c588609f4f988f336e213b89a9d822b620
SHA256

77faadffc6390c1bb4c407df46ab5e23b6dd3b578b44c4074dfca3ccbc5f85aa
SHA512

1b96c765ced9402443e1941224afff7215a72832ec9db4a94cef30f187770b4da1d967cf301e6b100ec788148a25e475f24d724c06414f0ad450ef98605a0ae4
SSDEEP

3072:+dTn9unZuo/KI/AfDIaHKRqLVbSj6duoI0CSr0G67mNCB6vVDnvd2SyOk:+3sukD/ID8AVbSedB6taNMyVT4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe31313a86d29f218150085e1dc8aaca

Files

fe31313a86d29f218150085e1dc8aaca
.exe windows:63106 windows x86 arch:x86

d1cc2d5d66ccbf591227cd8acd47d47c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetLastError
QueryPerformanceCounter
FormatMessageW
GetModuleHandleA
GetCommandLineA
GetModuleFileNameA
VirtualAlloc
GetTickCount
LoadLibraryA
ExitProcess
GetCommandLineA
GetACP
QueryPerformanceCounter
LocalAlloc
GetCommandLineA
FreeLibrary
lstrcmpiW
GetLastError
GetModuleHandleA
MultiByteToWideChar

gdi32

StretchBlt
TextOutW
PatBlt
CreateSolidBrush
CreateCompatibleDC
BitBlt
GetObjectW

user32

GetWindowRect
GetFocus
ShowWindow
GetDlgItem
EnableWindow
GetDC
GetDC
DefWindowProcW
SendMessageW
GetDC
ShowWindow
LoadIconW
ReleaseDC
SetTimer
CreateWindowExW
DefWindowProcW
SetCapture

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 146KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ