Static task: static1
Behavioral task: behavioral1
Sample: 438840a828a259f5191d80436faf37ad.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 438840a828a259f5191d80436faf37ad.exe
Resource: win10v2004-20231222-en
General
Target: 438840a828a259f5191d80436faf37ad
Size: 187KB
MD5: 438840a828a259f5191d80436faf37ad
SHA1: 31eb51f3627d1fcdd3895cd5969cb77dba0c1926
SHA256: 481e8252b1e083eef939cf57c6b1dd2929083b72a0517dcfa78243aad442dbac
SHA512: 548759e865b2d15f38f67f400ee926ff2bf2b19806ee4e1f79eb44e411f24e449c86d05c356ca08af8cac5c342c30b7d5b3a66013363dd81a78d5f426438f253
SSDEEP: 3072:crWqzy/iFj85uZvlywtd94jALUbM1qQpIDUPFdpyXkU6lxDswlRc3lgTX0PBxJ5G:c9qf5ue84jkUA1q6P3pydwxDs4RcVKEu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 438840a828a259f5191d80436faf37ad
Files
438840a828a259f5191d80436faf37ad.exe windows:4 windows x86 arch:x86
cbe1d0438a73596c96e50730be38160e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsValidCodePage
WriteConsoleA
SetFilePointer
GetAtomNameA
GetOEMCP
HeapReAlloc
TlsSetValue
VirtualAlloc
GetACP
GetTimeFormatA
GetDateFormatA
GetLocaleInfoA
TlsAlloc
EnumResourceNamesW
GetConsoleOutputCP
CreateSemaphoreA
RtlUnwind
GetCPInfo
MultiByteToWideChar
TlsGetValue
HeapSize
SetStdHandle
RaiseException
user32
DispatchMessageW
GetDesktopWindow
PeekMessageA
CharNextA
DispatchMessageA
MessageBoxA
LoadStringA
wsprintfA
shell32
SHGetUnreadMailCountW
ShellExecuteExA
SHGetPathFromIDListA
DragAcceptFiles
SHAppBarMessage
SHBrowseForFolderA
SHGetFileInfoA
Shell_NotifyIconA
rpcrt4
RpcStringFreeA
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 96KB - Virtual size: 235KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ