23fb16b03ec5c6d9f7c3fee1ae67dbd2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

23fb16b03ec5c6d9f7c3fee1ae67dbd2
Size

55KB
MD5

23fb16b03ec5c6d9f7c3fee1ae67dbd2
SHA1

a405820a23929dbb5073f8bdf0b8ce2b55f2211c
SHA256

0d9da86b1d246de658749f65c04d7c9fe2358ce58a90a9a46a8710040438818b
SHA512

224a662baff363128527c5db1fbdd767f6dfe3c180a8b6ec860198dc5db1db042fc1fd420f36784cf7ff320c1550816e9ee9b34bdd87965f2b75114350ddfc2a
SSDEEP

768:8wmYkZhWrAh1TrVpP5zSvpUKbntNy1Owwv639aZ21d8OOGaGZPK6qNXPf8ghD6V4:RaZhW8jr3x2mMQOwKi83DG5jq382m

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23fb16b03ec5c6d9f7c3fee1ae67dbd2

Files

23fb16b03ec5c6d9f7c3fee1ae67dbd2
.exe windows:5 windows x86 arch:x86

e09612d8c1b932360da2b6d2f7d638a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
MapViewOfFile
GetTimeFormatA
GetTimeZoneInformation
RtlUnwind
LockFile
GetModuleFileNameW
GlobalLock
SetCommState
FindNextFileA
lstrcatW
GetCPInfo
AddAtomA

ntdll

memset

gdi32

GetLayout
WidenPath
CreateSolidBrush
GetBkMode
Escape
CreateDIBitmap
SetDIBitsToDevice
CreateDIBSection

shlwapi

StrCmpNIA

user32

SendDlgItemMessageW
FillRect
GetClassLongW
CheckDlgButton
OemToCharA
InvalidateRgn
ChildWindowFromPoint
IsCharAlphaA
DispatchMessageW
CharUpperA
DrawTextExW
DrawIconEx
CreateWindowExW

Exports

Exports

?SanbevLbdzzn@@YGPAKJ@Z
?GynpxYaqaYfgXvfjde@@YGMPA_N@Z
?ZupoQao@@YGMM@Z
?IpYaoxvty@@YGXPAM@Z
?_UnKmtsl@@YGHJF@Z
?PfxmPmusOtbnzkfaqkg@@YGHD@Z
?ZpzlnFPxfbnoDgv@@YGPAIK@Z

Sections

.itext
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ