130977f9d8f36094c23539375c0500c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

130977f9d8f36094c23539375c0500c7
Size

249KB
MD5

130977f9d8f36094c23539375c0500c7
SHA1

297659c2288d00aab854161b7046ada3fa5de8c1
SHA256

443c2e4fb9bc763afa52a45375f0ed2e1d651da217b91bee9915c0303ae3815b
SHA512

ffdee78c8ba2f1b993827b7d6b9b94dda2e5b28ed36ae20201a62a75d113f3d721d60d4fe6a9f60326754858db42edd3042fb0cd1e641a3dd300d90dc121173f
SSDEEP

3072:mBz7MuFU+IfbZ8LC1eQkhlYWVqy4BUYS:ifM2OZCC1wlnJmU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
130977f9d8f36094c23539375c0500c7

Files

130977f9d8f36094c23539375c0500c7
.exe windows:4 windows x86 arch:x86

b75d2a802c2a2dfe77a898de2f9ddf2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCurrentProcessId
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
IsDebuggerPresent
LoadLibraryA
QueryPerformanceCounter
SetCurrentDirectoryA
VirtualAlloc
VirtualFree
lstrcmpiA

user32

CharNextA
CreateWindowExA
DestroyMenu
EndDialog
EndPaint
GetClientRect
GetCursorPos
GetDesktopWindow
GetForegroundWindow
GetSubMenu
GetWindowRect
InvalidateRect
LoadIconA
RegisterClassA

gdi32

CombineRgn
CreateHalftonePalette
CreateRectRgn
DeleteEnhMetaFile
ExtTextOutA
GetBrushOrgEx
GetDeviceCaps
IntersectClipRect
Rectangle

shell32

CommandLineToArgvW
DragQueryFile
SHGetFolderPathA
SHGetPathFromIDListW
SHGetSettings
ShellExecuteEx

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 136KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE