37aeef845ec5b3716779dc9fd8dddcab | Triage

Sharing

Copy URL Twitter E-mail

General

Target

37aeef845ec5b3716779dc9fd8dddcab
Size

2.8MB
MD5

37aeef845ec5b3716779dc9fd8dddcab
SHA1

91c7c19d52535f1099302a23763c7767945bed4f
SHA256

dc9763614de956e4fdfe46856ec497fb4fd649f0cba1696364e9a73e78a3f4a0
SHA512

92c298d8ffbbd5844ce9f5ede29f82663dde8b5c4b111d80243bb59c8841450495df3bf8ab7be104ca69e93500c475f40fc49cc1750a55422ce58ca262f1aca6
SSDEEP

49152:IKAugYPSol/oa43KFQFc4ShEHPK8VOoUcAt34dKN/qqtZwzLwYyy9iV:NuWFRL4UEi3oUcA2w/3ZuUYyc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37aeef845ec5b3716779dc9fd8dddcab

Files

37aeef845ec5b3716779dc9fd8dddcab
.exe windows:4 windows x86 arch:x86

139c17d90f15a474f0d130c74d3594dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
LocalFree
CloseHandle
DeviceIoControl
CreateFileA
LocalAlloc
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
TlsSetValue
TlsGetValue
TlsAlloc
SystemTimeToFileTime
GetSystemTime
FileTimeToSystemTime
WriteFile
SetErrorMode
GetProcAddress
GetCurrentProcess
ReadFile
FindFirstFileA
GetModuleFileNameA
FindClose
FindNextFileA
GetCurrentProcessId
GetEnvironmentVariableA
LoadLibraryA
FreeLibrary
GetModuleHandleA
GetFileSize
GetLocalTime
LocalReAlloc
GetLastError
SearchPathA
Sleep
OpenSemaphoreA
ReleaseSemaphore
WaitForSingleObject
CreateSemaphoreA
GetModuleHandleA
GetProcAddress

user32

MessageBoxA

msvbvm60

ord582

Sections

.text
Size: 1.6MB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.protect
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE