01c320aa39fb99bebaa2cc37ae6fb9a3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01c320aa39fb99bebaa2cc37ae6fb9a3
Size

23KB
MD5

01c320aa39fb99bebaa2cc37ae6fb9a3
SHA1

282255bc16ef44f2301e229365e1aefe0092dd7e
SHA256

f2f32e9a5ed49d6bf2f5a6ba5d465a3ff23a58c651f56088e52b4f5f9f6f23b1
SHA512

2e8029f906e45861b7a4c00d48ccfc49dfdaf7e1f5ecf975d9eea23e95ceb15b85b1eac1946278ed18f4f07ac1523acba45df031aa14fe6a84e879e6934ecf98
SSDEEP

384:i9VhRNYh18mX0c095KUXx/PoIXR5CFohLMU1N+3V435HwuTGCdNN:iR/Yh1nkc095Kcxo25TLM0wl435BGK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01c320aa39fb99bebaa2cc37ae6fb9a3

Files

01c320aa39fb99bebaa2cc37ae6fb9a3
.exe windows:1 windows x86 arch:x86

01345ccd89e2b7c542ec6a65dd2feb39

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_acmdln
_except_handler3
__p__commode
__getmainargs
_XcptFilter
_adjust_fdiv
_exit
__set_app_type
_controlfp
__p__fmode
__setusermatherr
memcpy
exit
_initterm

gdi32

ExtTextOutA
GetTextMetricsA
SetTextAlign

kernel32

VirtualAllocEx
VirtualFree
VirtualProtect
GetStartupInfoA
GetModuleHandleA

user32

DrawFrameControl
DrawMenuBar
PeekMessageA
CreateDialogParamA
CallWindowProcA
FindWindowExA
GetClassLongA
LoadCursorA
FindWindowA
WindowFromPoint
LoadImageA
GetClientRect
GetParent
CreatePopupMenu
SendMessageA
MsgWaitForMultipleObjects

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ