38a1e944f26a88e2ab2b489dadd79148 | Triage

Sharing

General

Target

38a1e944f26a88e2ab2b489dadd79148
Size

348KB
MD5

38a1e944f26a88e2ab2b489dadd79148
SHA1

852b3fd34f21bd38f2e1c6f64ada2cbb19833705
SHA256

6b6e7c350416c243a071e746e620de926646f77bfd44e14ac0b1c3cf3a500d5e
SHA512

55b95ef2b57465e908e1fb9c814483108860f82f030566891ee5c0f5172d2ac8c180aa7079e079d06167d2751e79f2796af57f23111edcd51bba1b2dae033f9d
SSDEEP

6144:QDZXWOxvZ7NJ7O88LnKL5PtNVWg5sBbk9:QDzvZ/7RaKL5/AMMI9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38a1e944f26a88e2ab2b489dadd79148

Files

38a1e944f26a88e2ab2b489dadd79148
.exe windows:4 windows x86 arch:x86

8f141060562bd054ca0464b45a6e2ca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
FindResourceW
GetModuleHandleA
GetExitCodeProcess
CloseHandle
GetCurrentThreadId
CreateProcessA
GlobalUnlock
SetLastError
HeapCreate
CreateFileW
GetEnvironmentVariableA
UnmapViewOfFile
lstrlenA
TlsGetValue
lstrcpyA
GlobalFree
GetProcessHeap
PulseEvent
LoadLibraryExW

user32

FillRect
DrawMenuBar
GetCaretPos
IsWindow
SetFocus
GetDlgItem
CheckRadioButton
CreateIcon
GetDC
DrawEdge
CreateWindowExA
DispatchMessageA
CallWindowProcA

rsaenh

CPGenKey
CPDecrypt
CPDeriveKey
CPSignHash
CPHashData

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ