42d9a0bae4bcc03f5591e05d5e57599d | Triage

Sharing

General

Target

42d9a0bae4bcc03f5591e05d5e57599d
Size

26KB
MD5

42d9a0bae4bcc03f5591e05d5e57599d
SHA1

42721735160d7b1c7d0b9df963222d741ba37235
SHA256

0880fe1b760be5a792fb56369dd07c5a37bca3d6c7a24e0d23acfa57fbb2fc13
SHA512

7f62dcd9c4ae1ae543e88fe3fb83170958c98bf141fcef1e4505db565009234b5241b599a3f30a5aafc9f9ef0d37dce8fc77615873b744c2fc106fca1a13e2c7
SSDEEP

384:aiJccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccW:ai97UTyiWyNft

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42d9a0bae4bcc03f5591e05d5e57599d

Files

42d9a0bae4bcc03f5591e05d5e57599d
.exe windows:4 windows x86 arch:x86

c293add95dc960afa5555060868d0d58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
GetVersionExA
GetCommandLineA
Sleep
GetStdHandle
GetFileSize
lstrcpyA
lstrlenA
GlobalFree
LocalAlloc
GetStartupInfoA

gdi32

CreateCompatibleDC
GetDeviceCaps
SetROP2
GetObjectA
DeleteObject
GetBkColor
BitBlt
SelectObject
PatBlt
MoveToEx
GetTextMetricsA
CreateFontIndirectA
GetStockObject

user32

GetClientRect
BeginPaint
DefWindowProcA
ScreenToClient
GetMessageA
SetWindowTextA
DispatchMessageA
MessageBoxA
EndPaint
ShowWindow
PostQuitMessage
GetFocus
TranslateMessage
LoadIconA
DialogBoxParamA
EndDialog

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ