234354663c3b258e90970118cd2406bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

234354663c3b258e90970118cd2406bd
Size

53KB
MD5

234354663c3b258e90970118cd2406bd
SHA1

646cf1b54bd2e923e9219efd5450779e067322a6
SHA256

765b5b621efdd5cd9af964ebcc79fe4f517d20ee16e2a3ea93813417c8dc016b
SHA512

5e18894707f7bfb6a83343415c4d97853c935b2c6872ac8ba4783acf33d74e87d26b40bec9007904d69b74c129918822968d456b9c59d1f98f9797e94b5ab970
SSDEEP

768:rmCewgRtIODFTXoti7/KkLEJd06Tk8jbxq8nSl0MCNxWxBIG1IR2g9VcO+Celd:rm/NRtIsoXTVlvSkhGuka6bd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
234354663c3b258e90970118cd2406bd

Files

234354663c3b258e90970118cd2406bd
.exe windows:4 windows x86 arch:x86

243716793f163216923d1d997e79ae0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommProperties
SetLastError
DeleteCriticalSection
GetPrivateProfileIntW
GetFileSize
MoveFileWithProgressW
RtlFillMemory
ProcessIdToSessionId
EnumUILanguagesW
OpenSemaphoreW

user32

LoadCursorA
CharUpperBuffW
GetWindow
DdeQueryStringW

Sections

CODE
Size: 9KB - Virtual size: 67KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pack32
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ