231bd4ec4d36db322a4ea14de3061b6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

231bd4ec4d36db322a4ea14de3061b6a
Size

635KB
MD5

231bd4ec4d36db322a4ea14de3061b6a
SHA1

b300779e9ea45c2f25bd6e31886baa04c95f35e8
SHA256

7f1a529622235809df6fa34d4036f8670c5375346b3f90716d1229eb82197ba3
SHA512

57f402bc02a7028e704253302b23c643f3a25a264a6905e9290809f9c85f4a71b045ffe08f318e9a7196e26e6854e35744cd1207c9908c2977b3601502209d52
SSDEEP

12288:s0sXYFjMSjOejSuBlKdtTgnGY2k9IvRPweaFg1l3IV+y9cEyu1Ns:sgxMSjt3Tw2C6eqg19o+yiEyu8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
231bd4ec4d36db322a4ea14de3061b6a

Files

231bd4ec4d36db322a4ea14de3061b6a
.exe windows:4 windows x86 arch:x86

08bbd3f2fa72ae0f7e14df3ebb926db3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
GetStdHandle
VirtualProtect
CloseHandle
Sleep
GetSystemDirectoryA
GetFileAttributesA
GetLogicalDrives
LoadLibraryExA
EnterCriticalSection
GlobalAddAtomA
GlobalFree
GetLastError
SetErrorMode
GlobalAddAtomA
RaiseException
GetCommandLineA
InterlockedExchange
GetACP
LockResource
HeapCreate

user32

EndPaint
ReleaseDC
GetActiveWindow
DrawTextA
FrameRect
BeginPaint
wsprintfA
GetWindowTextA
FlashWindowEx
GetWindow
GetParent
ShowWindow
ValidateRect
SetForegroundWindow
GetClassNameA
GetFocus
IsIconic
FillRect
GetCursorPos

httpapi

HttpAddUrl
HttpRemoveUrl
HttpCreateHttpHandle
HttpInitialize
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ