391ed34ee4aa25e22f46654593e8bee5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

391ed34ee4aa25e22f46654593e8bee5
Size

185KB
MD5

391ed34ee4aa25e22f46654593e8bee5
SHA1

059b17fb754f2a0e99ab787f8c587f0e59ae95f2
SHA256

3ea06e3931e8eb777e5843263990ab723d93e76f61131d33ced905d185abe427
SHA512

4fe9baaba83c2c501767eeafe2905f4034ffda2403aaee438ba1c688f64ed3ff6439f89b8f8dea03d675e2a14984941a144f51b44d5ff1dd5c3003d59e80d802
SSDEEP

3072:33ZmMh8YpyZdRGsqS7bxVCEWyrrKLWRNzlKdiSBDK6K42HMw/S00f+UBvh:33Z7h1KRGsxPxVprrKLWRFlKdiYDy42+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
391ed34ee4aa25e22f46654593e8bee5

Files

391ed34ee4aa25e22f46654593e8bee5
.exe windows:5 windows x86 arch:x86

65be34e468529276f3112fc87f5fd7f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

SetTextAlign
GetNearestPaletteIndex
SetPixel
SetTextColor
GetROP2
SelectClipRgn
GetTextColor
SetDIBitsToDevice

user32

GetWindow
EndPaint
DrawTextExW
VkKeyScanW
MoveWindow
CreateDialogParamA
LoadCursorW
GetWindowLongA
MonitorFromPoint
GetParent
LoadImageA
GetScrollPos

kernel32

GetUserDefaultLCID
WaitForSingleObject
LoadResource
GetStringTypeExW
lstrcmpiW
LoadLibraryW
SleepEx
SetTimerQueueTimer
CreateFileW
CancelIo
GetSystemDirectoryW
GetProcAddress
CreateThread
VirtualAlloc

Exports

Exports

?YgokFGbtciKoTaMjxao@@YGPADFD@Z
?tammdykv@@YGPAFJK@Z
?BySsfJwEnSxy@@YGPAMK@Z
?tapwhQwlbxfkLf@@YGPAEH@Z

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ