f798429a9ee3540c816cf23c4f9ab5cf | Triage

Sharing

General

Target

f798429a9ee3540c816cf23c4f9ab5cf
Size

131KB
MD5

f798429a9ee3540c816cf23c4f9ab5cf
SHA1

4f9ed4cef86c10ed42e1f33508e4cf270f903219
SHA256

e5691b40c4b0ba6e8d7a7087a153d6b2ae2b59426fc32341b60f4374e2c7facc
SHA512

8b6019948ba75f88cb6c9b1457fe4cb7a81e875a1a83fde4242897190ea4db7535d59f3a6045e4ef9c1ae3fa3b852f114741f1f40193ac6654f4e21efc61eec2
SSDEEP

3072:wQFHCS3oIU157MVbHtLnWWyqMdyrOjUlrCOTzffu6J2N7o9/:wQwS9tHtD3bMdGuIz3u22N+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f798429a9ee3540c816cf23c4f9ab5cf

Files

f798429a9ee3540c816cf23c4f9ab5cf
.exe windows:4 windows x86 arch:x86

800920539297009554cb80c35e3695f3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

ReleaseStgMedium
CoUnmarshalInterface
StgOpenStorage
CoDisconnectObject
CoCreateFreeThreadedMarshaler

shlwapi

PathGetCharTypeA
PathIsContentTypeA
SHQueryInfoKeyA

kernel32

VirtualAllocEx
LoadLibraryA
GetDateFormatA
GetCommandLineW
GetCurrentThreadId
IsBadHugeReadPtr
GetDiskFreeSpaceA
ExitProcess
GetEnvironmentStrings
GetFileAttributesA
GetFileSize

gdi32

GetClipBox
CreateDIBitmap
GetPaletteEntries
SelectPalette
GetPixel
GetBkColor
SetPixel
GetTextAlign
CreateDIBSection

user32

IsDlgButtonChecked
EnableWindow
GetMenu
CreateMenu
GetMessagePos
GetScrollInfo
GetPropA
GetParent

Exports

Exports

BZwt7huAvh7
_hesfXmT2
_Za1mnA_SRHSSH
ZhPnlcm1W_@8
_7Y5hBarb1rra5

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ