1408fb647b410f5bb29c6a6ca8d26695 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1408fb647b410f5bb29c6a6ca8d26695
Size

16KB
MD5

1408fb647b410f5bb29c6a6ca8d26695
SHA1

ccaa4efa1b05f22eb5b4905fd7654fb87621a9f9
SHA256

0ed5d87f4deeef33560b1507c17e32347b3c05488bbe025b76db40fb49337112
SHA512

083b16de7ac3f994af9b3e35e7a87b02ecfd87d742217e87471c5983672a6403c6d0f830e1dc6cb850571cb08f9f86b207a9a41998890aa25bf0e5b95823df23
SSDEEP

192:63HiPQXw5EYxlRMCrO/U3v0/7HwM346zUuLV31joTLEsDe9:yBHKgBU3v0TQY4sUuF9oT4sDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1408fb647b410f5bb29c6a6ca8d26695

Files

1408fb647b410f5bb29c6a6ca8d26695
.exe windows:4 windows x86 arch:x86

fdc154d22d763bd9a2370641d8d7ab29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetUserDefaultLCID
LoadLibraryExA
WaitForSingleObject
GetModuleHandleA
LockResource
IsDebuggerPresent
GetConsoleCP
lstrlenA
PeekConsoleInputA
GlobalMemoryStatus
GlobalSize
GetACP
GetAtomNameA
GetSystemTime
ResumeThread
TlsGetValue
GetCommandLineA
HeapCreate
InterlockedExchange
VirtualProtect

user32

GetDC
FrameRect
GetClassNameA
SetForegroundWindow
FillRect
EndPaint
CreateIcon
BeginPaint
GetCursorPos
GetWindow
DragDetect
GetTitleBarInfo
DrawTextA
GetFocus
ShowWindow
AnyPopup
ReleaseDC
GetParent
wsprintfA

ntshrui

DllCanUnloadNow
GetNetResourceFromLocalPathA
DllGetClassObject
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA

wshtcpip

WSHIoctl

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ