420102c7282ab217e3be9846c58bb3cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

420102c7282ab217e3be9846c58bb3cd
Size

637KB
MD5

420102c7282ab217e3be9846c58bb3cd
SHA1

e3a3f9e20f8351d5158594e92726cc39bea4096c
SHA256

e3fc1233d4c44bbfca4213994d5ea299a838d2775f98fbcc02cd13676c8a8077
SHA512

f32d81693352771a52bd5697f3222e5c59b6c68b7137a5b82337e94dbc6a1a3ac98da67b3b45b957bc5825295e038a0d5ec4401f9480b626a4fe971f4fc1d668
SSDEEP

12288:UdeyWFNcU2j2IK66uxQf0XCFo20551DfE2RRU/pGV44Vg69MwbO+kPzd1lHYi0m/:VFNcrj2INQf0XCypfE2fUkg6vbKd3Y+7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
420102c7282ab217e3be9846c58bb3cd

Files

420102c7282ab217e3be9846c58bb3cd
.exe windows:4 windows x86 arch:x86

4e8670f0652b39fce682da2897ae3a78

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
InterlockedExchange
HeapCreate
GetVersion
VirtualProtect
CompareFileTime
CloseHandle
GetStdHandle
WaitForMultipleObjects
GetConsoleCP
SetConsoleCP
GetCommandLineA
GetSystemDefaultLangID
LoadLibraryExA
GetModuleHandleA
GlobalUnlock
GetTickCount
SuspendThread
GetAtomNameA
WaitForSingleObject
HeapReAlloc

user32

InvertRect
DrawCaption
FillRect
CreateMenu
FindWindowA
CreateIcon
GetKeyState
GetKeyboardLayout
EnableScrollBar
SetScrollInfo
GetCursorInfo
DialogBoxParamA
SetWindowPos
DestroyMenu
SetPropA
DispatchMessageA
GetDlgItem
InsertMenuA
DragObject
CopyImage
IsDialogMessage

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey
RegEnumValueA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ