042590d9732f04d7430c392c9e1f7e57 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

042590d9732f04d7430c392c9e1f7e57
Size

294KB
MD5

042590d9732f04d7430c392c9e1f7e57
SHA1

557176ac045f167d44696534dac4de96e5b780dc
SHA256

a831bfbe0cb0e394d072c025df124f6afe6b8b7f20b16232b7b8ff6b3f0fcfbb
SHA512

ae83a2fdfba3f6279c09d597d684f6619f4dd2682a2e0326cf4b4d27d7a8eed4cbd68893726dfb9aeb379e0ed4d526202e1a8eacff21a642c382581b77fce231
SSDEEP

6144:BEAEjOxV+O9sXKo5gVz/aICLacxbmwauDpAsb:br9G5gNa7LdbbaO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
042590d9732f04d7430c392c9e1f7e57

Files

042590d9732f04d7430c392c9e1f7e57
.exe windows:4 windows x86 arch:x86

aa5b82a82330a14fa11f1b3fd838ac96

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
GlobalUnlock
GetModuleHandleA
CloseHandle
GetTickCount
HeapWalk
GetACP
WaitForSingleObject
TlsGetValue
CompareFileTime
VirtualProtect
GetAtomNameA
GetVersion
LoadLibraryA
GetStdHandle
TlsFree
lstrlenA
GetConsoleCP
FindAtomA
InterlockedExchange
GetProfileIntA

user32

CreateCaret
InflateRect
DialogBoxParamA
InsertMenuA
SubtractRect
ShowWindow
GetMenu
ModifyMenuA
GetWindowTextA
GetScrollRange
LoadIconA
UpdateWindow
SetPropA
PaintDesktop
PostMessageA
EqualRect
PostQuitMessage
GetKeyboardLayout
DispatchMessageA
DestroyMenu
TranslateMessage
MessageBoxA
GetMenuStringA
SetWindowPos
CopyRect
EnableScrollBar
GetDlgItem

msi

MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle
MsiDoActionA
MsiGetMode

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 632KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ