296db0108d90f7d34baf0fc315c4888b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

296db0108d90f7d34baf0fc315c4888b
Size

140KB
MD5

296db0108d90f7d34baf0fc315c4888b
SHA1

ae36d9634f9c484887909fa9643f02d4193f42d2
SHA256

e2a145c0e3517e57971d1a5df719346880032edc0e4fa8fbe99696a0d9a9c04d
SHA512

2a73c4faaa6bb5d978458024c682576ecf8802d66532eeb2f3390e1b3a5fa7b917ba69ee3243b3209f81b3472f0eed510bd143d539fe5304791c7e50b6489e1f
SSDEEP

3072:k0/mDvHLGinzGQK/PS7tpNyzqJ8hpEcTyvylNtSg5gM:P/mDvrGinz4XS7tyzqmw4tSg5g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
296db0108d90f7d34baf0fc315c4888b

Files

296db0108d90f7d34baf0fc315c4888b
.exe windows:4 windows x86 arch:x86

8f9779ecc29e9d194b474c6a1ebbd010

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetLocalTime
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetTimeFormatA
RtlUnwind
SetUnhandledExceptionFilter
UnmapViewOfFile
lstrcmpiA

user32

ShowCaret
LoadIconA
LoadBitmapA
DrawStateA
CreateMDIWindowA
CharToOemBuffA
CharToOemA
DrawTextA

advapi32

LsaCreateTrustedDomainEx
LsaGetRemoteUserName

msvbvm60

__vbaCheckTypeVar
__vbaAryUnlock
__vbaFileSeek
__vbaCyAdd
__vbaError
__vbaEnd
__vbaCyMul

dinput

DirectInputCreateA
DirectInputCreateEx

Exports

Exports

Swa
Wacommce

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ