38d5663733f03a5d26b1b9a99d0a27b3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

38d5663733f03a5d26b1b9a99d0a27b3
Size

69KB
MD5

38d5663733f03a5d26b1b9a99d0a27b3
SHA1

f1fda6283b25a3c05c1d30ef14cf5bf8a9cf6a82
SHA256

ff1c2fec488bae58d7d7077cab99008af7ab11474ccd3769bc0b6401771a595a
SHA512

f4367a2d1e1adaf08a9b916aa805b063d91d7b60ebebde34e6c2595cb67c7770e82a83b23d2266b14974e4da76319bdde7b22df8ec5f8c6bc0a3f87983dae70b
SSDEEP

1536:LbRfgE27vZRXs1huovqZss2LqzLzzircs1iMoXn:R4E27vrc7sWqnzzSi1Xn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38d5663733f03a5d26b1b9a99d0a27b3

Files

38d5663733f03a5d26b1b9a99d0a27b3
.exe windows:4 windows x86 arch:x86

7545283f27dc069fd17820c27821301a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalAlloc
GetFileType
QueryPerformanceCounter
LeaveCriticalSection
GetConsoleCP
SetStdHandle
OpenProcess
FormatMessageA
lstrcpyA
PulseEvent
LocalFree
IsValidLocale
WriteFile

msvcrt

wcsncpy
atol
_ltow
__setusermatherr
_strlwr
strncmp

Sections

.text
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ