390123bbe341a8d365374fe82dbb498b | Triage

Sharing

General

Target

390123bbe341a8d365374fe82dbb498b
Size

67KB
MD5

390123bbe341a8d365374fe82dbb498b
SHA1

00f57c538bd6185bbf883e9f7474ad6687f5a9ab
SHA256

53d1eb1712ad411328b163e5f110eee3ad711fd51d371a4f982fd5376798a708
SHA512

c3ab3cb4f9bbc56f6449ea46d6c006da3da557c85caf24ea8033ff3f76a1b231566a4948185f0ccbcbd92df69f13abdd378cf318eb6af5ba1bb9b1f43f42ac22
SSDEEP

768:RSCUi37gaFF7IwBusXZtJ+RfkvbtxyOWf34wOMS+l5Af6sQO/MQ5l8iq7Ga:kUU+hI5sXQUnW/4wOMS+Uf6IL5l8iSR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
390123bbe341a8d365374fe82dbb498b

Files

390123bbe341a8d365374fe82dbb498b
.exe windows:4 windows x86 arch:x86

77eb0c164090eeb15303c2f6d8bf8bef

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

urlmon

FaultInIEFeature
GetClassFileOrMime
CoInternetParseUrl
ReleaseBindInfo
URLOpenStreamA

comctl32

ImageList_DragEnter
DrawInsert
ImageList_Remove

user32

CreateDialogParamA
CreateWindowExA
MessageBoxA
MessageBeep
DestroyWindow

kernel32

BackupRead
DuplicateHandle
CommConfigDialogW
CancelIo
EnumTimeFormatsW
ExitProcess

msvcrt

memcpy
memcmp
strstr
strlen
strcpy

Sections

.text
Size: 41KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE