Static task
static1
Behavioral task
behavioral1
Sample
253a602154948220e33f2e1e85ea78ee.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
253a602154948220e33f2e1e85ea78ee.exe
Resource
win10v2004-20231215-en
General
Target: 253a602154948220e33f2e1e85ea78ee
Size: 38KB
MD5: 253a602154948220e33f2e1e85ea78ee
SHA1: 67594894b4f57810571b254f18c43c8c92270020
SHA256: 69adc8d94224a7b498ed4521ccc5f3dc115c3e3d87c5e7750649b00e7e058b4f
SHA512: 8d530ef5f5814c6f094dafb66e8d6e769bdeb62b515bc1fa0456323790da8fe6c58bb3c616ebfb0d4497d118731f8b2adc8bd8fa54bd3588b4590abf9d329d19
SSDEEP: 768:3YFmt2d/io9VAw00xrqLm1+f6DjfmaVZ:oEt5o9F00xuK1xDjf3V
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 253a602154948220e33f2e1e85ea78ee
Files
253a602154948220e33f2e1e85ea78ee.exe windows:4 windows x86 arch:x86
b844715a000023a67e7ef45859bb2149
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
EnterCriticalSection
FreeLibrary
GetEnvironmentStringsA
GetFileType
GetSystemDirectoryA
GetSystemTimeAsFileTime
HeapAlloc
HeapCreate
OpenProcess
SetEnvironmentVariableA
lstrcmpA
lstrcpynA
lstrlenA
msvcrt
__p__fmode
wcslen
malloc
user32
GetSystemMetrics
PtInRect
SetCapture
GetUserObjectSecurity
PostMessageA
GetWindowThreadProcessId
oleaut32
RegisterTypeLi
OleTranslateColor
OleLoadPicturePath
GetErrorInfo
SafeArrayDestroy
SysFreeString
shlwapi
PathBuildRootA
PathFileExistsA
SHDeleteEmptyKeyA
SHSetValueA
StrStrA
StrToIntA
PathAppendA
Sections
.text Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ