4355839c54032e9b69dd72d21aefd05d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4355839c54032e9b69dd72d21aefd05d
Size

79KB
MD5

4355839c54032e9b69dd72d21aefd05d
SHA1

a273fbc0d800e308f2ba9abf3cb3b1b2188c5b24
SHA256

7dd42add7ab75f78ba7e4e6a58e7b9c158e1d2b695770cb2f9cad5fc96dfe425
SHA512

a537a247bee623fe1717aa9889256bd1fce94fc8dc6b65329f248ee6c12614f8be783c8b6bdfb2f11620de3bd6155cf7739634a3c3605496f5a0095270c8d84c
SSDEEP

1536:M2i1nkuSK2809Yw/2UGtxKtoMIGFwpJSdDD4vrFmcKgfpAurLDw4Nu1iz:MMbKhiYwq/tvGiSdD2FmcrphfNu8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4355839c54032e9b69dd72d21aefd05d

Files

4355839c54032e9b69dd72d21aefd05d
.dll windows:4 windows x86 arch:x86

a7958f51786ad383ece853a3406c379f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
ExitProcess
GetACP
GetCommandLineA
GetConsoleMode
GetCurrentProcess
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetThreadContext
GetVersionExA
GlobalLock
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TerminateProcess
lstrcatA

user32

ScrollWindowEx
GetWindowRect
GetWindowLongA
GetUserObjectSecurity
GetMenuItemID
GetMenuItemCount
DrawMenuBar
DrawFrameControl
CreatePopupMenu
GetDesktopWindow

ole32

CoFileTimeNow
StringFromGUID2
CoBuildVersion
CoCreateInstance

advapi32

LsaQuerySecurityObject
GetMultipleTrusteeOperationW

shlwapi

PathRenameExtensionA
StrTrimA
SHRegGetPathA
StrToIntA
StrStrW
StrStrIA
StrStrA
PathFindFileNameA

shfolder

SHGetFolderPathA

Sections

.text
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ