03e53fb99760f2bea4a4a4fe00f62a5c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03e53fb99760f2bea4a4a4fe00f62a5c
Size

110KB
MD5

03e53fb99760f2bea4a4a4fe00f62a5c
SHA1

a2a99af5068722a892b088baaae088ace6c1ec2b
SHA256

04167e49cec3813a73e91bcfd320e9ff53eaffbfb0fc0bc18c3aadf4ff36c284
SHA512

4737b8dff3ad667631bd672e3f19a93b73406f1422000104272a8999d6fd4900964e3b12eecb7fd7acea80c6a7d6ea1e0aa0633611943d915ac1037fe1dd9f1d
SSDEEP

3072:q3Xyf1mFTUJQacfMJNzz2xlRyC3DW31RD68wb:kzQJNzyLDW37D68w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03e53fb99760f2bea4a4a4fe00f62a5c

Files

03e53fb99760f2bea4a4a4fe00f62a5c
.exe windows:4 windows x86 arch:x86

0a4eeef3cc23ba0bf1fb7fc23040ce22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumKeyA
RegCreateKeyExW
RegDeleteValueA
RegEnumValueA
RegQueryValueW
RegQueryValueExW

comctl32

DrawStatusTextW
DrawStatusText
CreateStatusWindowW
CreateToolbar
ImageList_Add

gdi32

CreateSolidBrush
CreateFontIndirectA
CreateHalftonePalette
CreatePalette
CreateCompatibleBitmap
GetPixel

user32

GetWindowTextA
DrawIcon
CopyRect
GetDlgItem
EndDialog
DialogBoxParamA
CreateIcon
IsMenu
CopyIcon

kernel32

ReadFile
GetFileTime
Sleep
ExitThread
GetConsoleMode
CreateProcessA
GetLastError
DeleteFileW
FindFirstFileA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 65B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 26KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ