39f65eb60578fafd0df50305fd87a1a5 | Triage

Sharing

General

Target

39f65eb60578fafd0df50305fd87a1a5
Size

286KB
MD5

39f65eb60578fafd0df50305fd87a1a5
SHA1

c4be9cb53658e3d9592288e31b32733e4b1e80cc
SHA256

503489f6a200d5bad10841f8740c481b96ff17a08b8edc476b7722853bba23ed
SHA512

e82d9cf2ee64cc21bfba41733ee41538af4daf611dd87c9adbfd51c76f5f7df22fa75de68ce0bce1a7f6d48320a5269e9052309ed88156d9a7a26d47fdc57241
SSDEEP

6144:eKK9AIV8+3vko4UWDxjyaz6BNG+D+Pbhjesi1cT:mGIV8OlgVxuNoPtmW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
39f65eb60578fafd0df50305fd87a1a5

Files

39f65eb60578fafd0df50305fd87a1a5
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

db6f9c0ea566b0945b5a462400fff27a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapDestroy
GetThreadPriority
InterlockedExchange
VirtualProtect
CreateFileMappingA
LoadLibraryExA
GetCurrentProcess
GetTimeFormatA
GetACP
GetStdHandle
CreateHardLinkA
GetModuleHandleA
DeleteAtom
GetEnvironmentStringsA
GetCurrentThread
HeapCreate
GetLogicalDrives
CreateThread
GetCommConfig
IsDebuggerPresent
GetCurrentProcessId

user32

SetActiveWindow
GetClassNameA
GetCursorPos
EndPaint
GetWindowTextLengthA
FillRect
DragDetect
GetDlgItem
GetParent
GetWindow
wsprintfA
FrameRect
GetTitleBarInfo
SetForegroundWindow
GetFocus
ReleaseDC
DrawTextA
BeginPaint
ShowWindow

advapi32

RegCreateKeyA
RegEnumKeyA
RegFlushKey
RegCloseKey
RegQueryInfoKeyA

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 976KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ