407381d8c16570d51b0cb83620e79b38 | Triage

Sharing

General

Target

407381d8c16570d51b0cb83620e79b38
Size

34KB
MD5

407381d8c16570d51b0cb83620e79b38
SHA1

33b3060f4cc93254f646655bc766066e721103aa
SHA256

9c94f012a563c928d79b0e03cdf3472ec77da99316251764c39714e09742be1c
SHA512

2cc3e2285f001b736983990d1ed934230d3428987d7abddb5d2979070410e4f58e0a1e3d2e46b8d9029d55f22e5c133d353a707bb87feaf39c606f52b389c6af
SSDEEP

768:nXdpwXLs9sppAMvBF+ea2dYe9ZXtpThxZrn4UP+AFW:nXjwXxQM5vnHtpT7Zrn4UP+AW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
407381d8c16570d51b0cb83620e79b38

Files

407381d8c16570d51b0cb83620e79b38
.exe windows:4 windows x86 arch:x86

af7fdb9ebf2cb69a553a3b994499fc16

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleWindow
CompareFileTime
CopyFileW
CreateThread
DefineDosDeviceW
EnumResourceTypesW
GetCommConfig
GetDateFormatW

msvcrt

_mbccpy
_mbctombb
_mbsdec
_pctype
_snprintf
_snwprintf

shell32

DragQueryFileAorW
StrStrIA
DuplicateIcon

Sections

.text
Size: 20KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE