23a09bfd672ff559d12cef019bc4913b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23a09bfd672ff559d12cef019bc4913b
Size

748KB
MD5

23a09bfd672ff559d12cef019bc4913b
SHA1

776868be06eca9e3f5e75e10d1f9cb73b48ed28c
SHA256

50f9690c296e54df1f6e1b93535b82799ed59c23b031b7cf17e91c8bc30ee2f9
SHA512

f46b663004e57aa18618b3aac44eccaa61ee84ff389c64f41111528356d60a372957e26a348b08501adc70e08e7dea68793107d9690651cf8572c392ce66164f
SSDEEP

12288:mg23C5gk7ogzITkrie4845ARE68ycls6s+PzJ33RI20iapZkWCb:N23CTxIU8zT1m+lWiEZ9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23a09bfd672ff559d12cef019bc4913b

Files

23a09bfd672ff559d12cef019bc4913b
.exe windows:5 windows x86 arch:x86

6b8ec63b62cf6f2d6fb71c75eab3e78b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
ExitThread
LocalSize
CloseHandle
GetDriveTypeA
GetCommandLineA
HeapFree
FindVolumeClose
GetModuleHandleA
lstrlenA
GetCurrentDirectoryW
CancelIo
CreateSemaphoreA
WaitForMultipleObjects
GetModuleFileNameA
EnterCriticalSection
GetFileTime
FindClose
FindVolumeClose
GetFileAttributesA
HeapCreate
CreateDirectoryA
IsBadReadPtr
GetFileType
GetTickCount

uxtheme

GetThemeBool
GetWindowTheme
DrawThemeBackground
GetThemeTextMetrics
CloseThemeData
CloseThemeData
GetThemeColor
IsThemeActive
SetWindowTheme
OpenThemeData
DrawThemeEdge
GetThemeEnumValue
GetThemeTextExtent

drprov

NPGetCaps
NPGetCaps
NPGetCaps
NPGetCaps

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE