Static task
static1
Behavioral task
behavioral1
Sample
72f05b405af55212e2e5c2363c6c7223.dll
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
72f05b405af55212e2e5c2363c6c7223.dll
Resource
win10v2004-20231215-en
General
Target
72f05b405af55212e2e5c2363c6c7223
Size
93KB
MD5
72f05b405af55212e2e5c2363c6c7223
SHA1
c681bee6be781a37e32b13b230bb9c161e92b8a0
SHA256
d7bf5420fc871697d9d048352e6ef982d5bd9817c893be895ac1e19be157a306
SHA512
f143a12458606cd43638191861955d91b15da534e28de66aea50e586490e370c966e06536222ea2e30c53475b9899508bb16dc90df05ecb2cca5af9d3b091e4e
SSDEEP
1536:DtcqRs40CiItPlou1QwM+w4j66SIllFuB+iYCu803p/2s/4qhATUhT9QbWIsM4st:RcqRs4BPWu1fwY64Tyu803p/d1h5Qj5F
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 72f05b405af55212e2e5c2363c6c7223
Files
72f05b405af55212e2e5c2363c6c7223.dll windows:4 windows x86 arch:x86
da125fa0c22be729b482deb9f918c893
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
user32
ShowWindow
OffsetRect
GetDC
EndPaint
DrawTextA
DrawIcon
DestroyWindow
CreatePopupMenu
kernel32
GetEnvironmentStringsA
GetStringTypeA
GetModuleFileNameA
FlushFileBuffers
ExitProcess
CreateProcessA
WriteFile
TlsGetValue
Sleep
advapi32
RegSetValueExA
RegCloseKey
comdlg32
GetOpenFileNameW
GetFileTitleW
Sections
.text Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 35KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 1008B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 29KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ