23467be4cabbe80e047c68f08521e6c7 | Triage

Sharing

General

Target

23467be4cabbe80e047c68f08521e6c7
Size

219KB
MD5

23467be4cabbe80e047c68f08521e6c7
SHA1

201163552835cae7521d7eeac8dcf7be2ecb6684
SHA256

e02a8dfbd42d9a61b08c94accf043e276ce0c9b2bab5dc88891f1dd972fc539a
SHA512

ea65417e587ab965021dbd27c79ce318556a1508b05123ad5a0cced042599a09f9ee8ea7d702046f385c0ab9898acffa72e4e9806e013407b4a3e16e0e87b32e
SSDEEP

3072:dmBRFLF/a2N+zStuNz5XxCf3/J7zp0h5Djnv1M1TDzsYIvUsh7I3sW:wB/p/rwS+XxCPa1vu1QnvT9Ic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23467be4cabbe80e047c68f08521e6c7

Files

23467be4cabbe80e047c68f08521e6c7
.exe windows:4 windows x86 arch:x86

1297eff35563d0e38b8e79a94118df17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalLock
CreateHardLinkA
GetTapeStatus
EnterCriticalSection
CloseHandle
GetOEMCP
FindAtomA
RaiseException
GetCommState
VirtualAlloc
ExitThread
GlobalFlags
GetStdHandle
GetProfileStringA
GlobalFree
ClearCommBreak
DeleteAtom
GlobalCompact
GetProcessHeap
LoadLibraryExA
WriteProcessMemory

user32

GetForegroundWindow
ReleaseDC
BeginPaint
IsIconic
GetDC
EndPaint
GetActiveWindow
GetParent
GetWindowTextA
ValidateRect
GetClassNameA
GetWindowTextLengthA
GetFocus
CloseWindow
ShowWindow
GetWindow
RegisterClassA
DrawEdge
GetClassInfoExA

wsock32

WSACleanup
WSAIsBlocking
WSAGetLastError
WSAAsyncSelect
WSAStartup

dot3api

Dot3SetProfile

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ