42af8565ab9e0a9d68f650c794eac276 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

42af8565ab9e0a9d68f650c794eac276
Size

53KB
MD5

42af8565ab9e0a9d68f650c794eac276
SHA1

988cd9bf7b30188fca390c5e7066321cbe9adf18
SHA256

42e4369b72d10132500170608f86325c5079c9b4f27a60be9a47ecfe42f57656
SHA512

1d9f2460ac967764534a4d2a8da015858ec1bfbdb972762a4f62b11e02668bab38337f21ca8596084795585eafb4316289d4eefb08b1fee82a9d416cffedc01e
SSDEEP

1536:m4NmirRPvipRdkqTNz5bIiB/tiCDMKeEbm2V8cwso7LyW:m4NJFni3150KDU2Gqo7LP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42af8565ab9e0a9d68f650c794eac276

Files

42af8565ab9e0a9d68f650c794eac276
.exe windows:4 windows x86 arch:x86

e9abdfeeb84308131fc8ab8b418ddad9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
SelectObject

shlwapi

PathRemoveBlanksA
PathGetDriveNumberW
StrTrimA

kernel32

GetCurrentDirectoryA
FindClose
OpenFileMappingW
GetVolumeInformationA
SetCurrentDirectoryA
GlobalUnlock
ExitProcess
GetModuleFileNameA
SetLastConsoleEventActive
SetErrorMode
GetEnvironmentVariableA
GlobalFree
GetProcAddress
DosDateTimeToFileTime
GetCommandLineA
FindFirstFileA
_lclose
GetVersion
CreateDirectoryA
lstrcmpiA
GlobalAlloc
GlobalHandle
WinExec
SetFileTime
lstrcatA
FreeLibrary
_lwrite
GetDriveTypeA
GetLogicalDrives
_lopen
GetTimeZoneInformation
GetModuleHandleA
DeviceIoControl
_llseek
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GlobalLock
_lcreat
LocalFileTimeToFileTime
_lread

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 37KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ