023a2f249d11288f415b5495e292e908 | Triage

Sharing

General

Target

023a2f249d11288f415b5495e292e908
Size

38KB
MD5

023a2f249d11288f415b5495e292e908
SHA1

165433b97b4871952ec300a388f9d68b7dabebe0
SHA256

6102c18cbd1a57ef0120ca4cd11ca798de5806fa27c56ec222c5ae03606ef095
SHA512

793da4c6664d017f4a6f17980b7537ba15cfb01ed9080ea3c58439c91e500d4b5952720f3c623dc1589d75794d118dc70452d2606c1d5ed16e0ea0e80c8eb64f
SSDEEP

768:rhoWdWFr/iwoUkZFYxdsAb1nn689fO2VQs4/44dqLy:rPdWliJU00dNJn689fR84CL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
023a2f249d11288f415b5495e292e908

Files

023a2f249d11288f415b5495e292e908
.exe windows:4 windows x86 arch:x86

c276fa3ec62b4ebee451ab5a1b524668

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
GetWindowsDirectoryA
GetUserDefaultLCID
IsBadWritePtr
QueryPerformanceCounter
QueryPerformanceFrequency
GetSystemDirectoryA
GetCurrentDirectoryA
GetSystemInfo
GetTimeZoneInformation
GetSystemTimeAdjustment
GetOEMCP
GetCPInfo
lstrcpyA
GetProcAddress
GetVersion
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
IsValidLocale
GetSystemDefaultLangID
GetProcessHeap
GetEnvironmentStrings
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetLastError
IsBadReadPtr
IsBadStringPtrA
GetLogicalDrives
GetConsoleCP
GetConsoleOutputCP
AreFileApisANSI
GetCurrentProcess
GetCurrentThread
IsBadCodePtr
GetDiskFreeSpaceExA
GetVolumeInformationA
GetUserDefaultLangID
ExitProcess

user32

GetActiveWindow
GetForegroundWindow
IsWindow
GetSysColor
GetFocus
GetDesktopWindow
GetKeyboardType
GetDoubleClickTime
GetCapture

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE