Static task
static1
Behavioral task
behavioral1
Sample
367abbdd3251ea844d517db42b20dabf.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
367abbdd3251ea844d517db42b20dabf.exe
Resource
win10v2004-20231215-en
General
Target
367abbdd3251ea844d517db42b20dabf
Size
18KB
MD5
367abbdd3251ea844d517db42b20dabf
SHA1
18a34617af1e0941fc08fefab22dbb34b4faf084
SHA256
845453db3d9e5961bcd7a1e4061e4462f08e3641baebd1750d2e6514f31a85f9
SHA512
29b7211180f4f1a059782f8648b470259fd903b01d2ec95cebdbed7790512ea0ea2521f739fd9f9471cf7842214036c17b61e7dc01d4ee668e768a9aee5e5e21
SSDEEP
192:6fBQm7e8kQc478jyA4glNOJyrEE0e+3r9l/eKOwQbgdC0E/RQeZ0beF58RbzH7mI:6pzlL7dgPdrEQWlfVQbgI0XJHiDa
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 367abbdd3251ea844d517db42b20dabf
Files
367abbdd3251ea844d517db42b20dabf.exe windows:54188 windows x86 arch:x86
96140cde92931e6673707c9055e9cc19
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SendMessageW
SetRect
ShowWindow
SetFocus
IsIconic
MessageBoxW
ReleaseDC
EndDialog
kernel32
GetCurrentProcess
SetLastError
LocalAlloc
VirtualAlloc
GetModuleHandleA
GetCurrentProcessId
GetProcessHeap
LoadLibraryA
GetProcAddress
TerminateProcess
ExitProcess
gdi32
CreateCompatibleBitmap
GetDeviceCaps
DeleteObject
CreateBitmap
PatBlt
SetBkMode
GetObjectW
CreateCompatibleDC
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ