397a84b8df02b7bc2fb1148920f2f70f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

397a84b8df02b7bc2fb1148920f2f70f
Size

98KB
MD5

397a84b8df02b7bc2fb1148920f2f70f
SHA1

0ba0ffb17e881118a54238b70433f73d75b694c6
SHA256

4fc10e172026c00e1f5d1da60908c8f4a0cf4e4fe1bf08fcaafda568a4f9f43a
SHA512

934bab6b481e791609e27040d429ee70df7e720296ff709d2e01cf820d09b3491999ddc2276b5c2f8acfdbe701dcea9d4adc97ceefb100056501fadaa094e6b8
SSDEEP

1536:K8Xxqb8dZo2dykXZLC5/EMEdbbYLo7cIJXw09TVMmy5TsRJ3kAPiihxuC6yq4mM:AAdZoeysRYcdILG9Bw4MmATqkjIDx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
397a84b8df02b7bc2fb1148920f2f70f

Files

397a84b8df02b7bc2fb1148920f2f70f
.exe windows:4 windows x86 arch:x86

72e94f2f8a3624f6a1a7d87453006074

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHFileOperationA
Shell_NotifyIconW
SHGetDiskFreeSpaceA
DragQueryFileA

kernel32

LoadLibraryA
ExitThread
ExitProcess
VirtualAlloc
CloseHandle
Sleep
GetProcessHeap

user32

GetMenu
IsMenu
GetSysColorBrush
DrawMenuBar
GetSystemMenu
GetSysColor
GetTopWindow
GetCapture
GetWindow
GetActiveWindow
GetWindowDC

comctl32

ImageList_Create
ImageList_GetBkColor
ImageList_Add
ImageList_Draw
ImageList_Remove
ImageList_DragShowNolock
ImageList_Destroy
ImageList_Read
ImageList_Write
ImageList_DrawEx

Exports

Exports

_UT1mej8ZlD@4
MfNhuJnA@12
RCn0bpD@20

Sections

CODE
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 964B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 1024B - Virtual size: 1019B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ