142e3065cc4ce5c4c6c51a50be7a581a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

142e3065cc4ce5c4c6c51a50be7a581a
Size

156KB
MD5

142e3065cc4ce5c4c6c51a50be7a581a
SHA1

e3904fa92ac13dc64e325b84eb5245726f8819f7
SHA256

a7245e000f283093f9b7a62e0fe7befccb3f8029d09b7e3b3ba246fadaa5e416
SHA512

318f7e6d5637872a19879b2d846a4b9f075925e7fbeed40f647cbad4e7d615a1f5ca3e573faf7b9ffa650bf5cd7bc696e3e445dea46984856b542644adc765ca
SSDEEP

3072:jPUpt3040J+J4P6L22L8sUL2tBdk80OAJQz/+:jPUv040J+uP2L83CtBdJ0vQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
142e3065cc4ce5c4c6c51a50be7a581a

Files

142e3065cc4ce5c4c6c51a50be7a581a
.exe windows:4 windows x86 arch:x86

a5fe7eb3df5ccde56e51bc42684fd2b6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetTextColor
GetBkColor
GetMapMode
GetTextExtentPoint32W
CreateFontIndirectW
CreateSolidBrush
GetStockObject
CreatePatternBrush
DeleteDC

rpcrt4

RpcStringBindingComposeW
RpcStringFreeW
RpcSmDestroyClientContext
RpcBindingFromStringBindingW

shell32

SHGetFolderPathW
DragQueryFileW
DragFinish
CommandLineToArgvW
SHFileOperationW

user32

wvsprintfA

kernel32

GetTempPathW
SetLastError
WaitForSingleObject
FindFirstVolumeW
HeapSetInformation
GlobalFree
DeleteCriticalSection
GetTickCount
MultiByteToWideChar
lstrlenA
GlobalHandle
FormatMessageW
InterlockedDecrement
InterlockedIncrement
CreateFileW
CloseHandle

oleaut32

VariantInit
DispGetIDsOfNames
VarUI4FromDec
SysFreeString

Sections

.text
Size: 74KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 296B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ