711c376e08490041453a3fd7b4b6cfa2 | Triage

Sharing

General

Target

711c376e08490041453a3fd7b4b6cfa2
Size

54KB
MD5

711c376e08490041453a3fd7b4b6cfa2
SHA1

be61a7d5301ee58f4484e06a8f1d85feb9ec3287
SHA256

0947b54e44d4ec524584d5f2b124a179372b4712b08955178c8b4f6439d2af0e
SHA512

441baa302234c1200a025cdd7fb91ba7da0d015e95f15e85e73d97927b99099d9c9425b975c38988b46fe9778044408bb98d3f97ef6924602c2ac4af0e9d915e
SSDEEP

1536:RP3EXo1sVLiIlnZv9M8UadtL6TQ658tw9Jh2:GWs4wnZ5ddNhtwM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
711c376e08490041453a3fd7b4b6cfa2

Files

711c376e08490041453a3fd7b4b6cfa2
.exe windows:4 windows x86 arch:x86

0c8cf9df3e42985b0979ef2cc7d967a5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExpandEnvironmentStringsW
FindAtomW
FoldStringW
GetCommandLineW
GetFileAttributesA
GetLogicalDriveStringsA
GetShortPathNameA
GlobalDeleteAtom
InterlockedDecrement
OpenProfileUserMapping
SetHandleInformation
SetThreadIdealProcessor
UnmapViewOfFile
WritePrivateProfileStringA

advapi32

BuildImpersonateExplicitAccessWithNameA
BuildImpersonateExplicitAccessWithNameW
BuildTrusteeWithNameA
GetNamedSecurityInfoA
GetNumberOfEventLogRecords
IsValidSecurityDescriptor
LookupPrivilegeDisplayNameW
NotifyBootConfigStatus
RegReplaceKeyW

user32

CharUpperA
CheckDlgButton
CreateDesktopW
CreateIconIndirect
DdeNameService
DdeQueryNextServer
EnumPropsExW
GetGuiResources
SetProcessWindowStation
UnhookWinEvent
UnlockWindowStation

shell32

Control_FillCache_RunDLLA
ExtractIconEx
ExtractIconResInfoA
OpenAs_RunDLL
RealShellExecuteA
SHChangeNotify
SHGetPathFromIDListA
SheChangeDirExW
SheGetPathOffsetW

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 51KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE