238df6b85d26c4ac37886c4a002d5899 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

238df6b85d26c4ac37886c4a002d5899
Size

21KB
MD5

238df6b85d26c4ac37886c4a002d5899
SHA1

794b5f59893f4e77254c17f9b6a5e00d80013758
SHA256

783fee8b3a0c8298dddf755d0c9e23b9ed0111f5e6124dc5e58cc3e498d4ec79
SHA512

f6fa18252e841efe94f03a7d9475c8ac96116d12c584dabfe331605799b6ed6ee80e38933a4ce2e51e326d8a2440e5a0dd6b04471083b87b1cbb630f42bc7b19
SSDEEP

384:K7X6jXXWk1F9JqXxMC1tyKgr5bV7xt6voSA1qvx9C6+Bcfq9rDbXyxffsO:kXGWWF9IXxMEyKE59xpl8Zg6+KfkbCxj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
238df6b85d26c4ac37886c4a002d5899

Files

238df6b85d26c4ac37886c4a002d5899
.exe windows:4 windows x86 arch:x86

76f7281e0c97b5c8d7a8b8a2abf51543

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
memcpy
sprintf
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
_except_handler3
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
memset
strlen

user32

FindWindowA
GetWindowThreadProcessId

advapi32

RegSetValueA
RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

kernel32

OpenFileMappingA
MapViewOfFile
lstrcpyA
DeleteFileA
MoveFileA
MoveFileExA
UnmapViewOfFile
GetModuleFileNameA
CreateDirectoryA
GetStartupInfoA
CreateProcessA
ExitProcess
LoadLibraryA
GetProcAddress
OpenProcess
FreeLibrary
OpenMutexA
GetFileAttributesA
lstrcatA
GetWindowsDirectoryA
GetModuleHandleA
GetTempPathA
CloseHandle
WriteFile
LoadResource
SizeofResource
FindResourceA
CreateFileA
lstrlenA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 352B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ