71bdfeb8ddb69cc21b5c2541b422ffb0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

71bdfeb8ddb69cc21b5c2541b422ffb0
Size

55KB
MD5

71bdfeb8ddb69cc21b5c2541b422ffb0
SHA1

519f42dacccf3df9e62207909e2ad1e9f9d5c2cd
SHA256

b9c8afa89940c2c1ecafd4b39e9fbbcd3f3ca717426e404b264413d9e75b620a
SHA512

359b2ef807daef46550d4474a1692db1353343c92f33abbf29ac18262d0f63e2cfe803958e4f1838e2e93b8095da27bf94e39412b9b3c3880cffe01488d68b14
SSDEEP

1536:p9Fni+lPPd0stGGY6kQC4WVLM3ql7d4rT9s+qLXZeJ:Vi+1Pyc/C4WVQ3qVi9s+qLJy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71bdfeb8ddb69cc21b5c2541b422ffb0

Files

71bdfeb8ddb69cc21b5c2541b422ffb0
.exe windows:4 windows x86 arch:x86

6dc4fd292dc82e160b8f7aabd85b72f4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ConvertThreadToFiber
EndUpdateResourceW
ExitProcess
GetExitCodeThread
GlobalGetAtomNameW
IsDBCSLeadByteEx
ReadProcessMemory
SetupComm
WaitForMultipleObjectsEx

advapi32

CryptSignHashA
GetExplicitEntriesFromAclW
ImpersonateNamedPipeClient
RegCreateKeyA
RegDeleteValueW
RegFlushKey
SetSecurityDescriptorGroup

shell32

Control_RunDLLW
DllGetVersion
DragQueryFile
DragQueryFileA
DuplicateIcon
ExtractIconExA
FindExeDlgProc
InternalExtractIconListA
SHBrowseForFolderW
SHEmptyRecycleBinW
SHGetSpecialFolderPathA
SHHelpShortcuts_RunDLLW
ShellExecuteA
Shell_NotifyIcon

gdi32

CloseMetaFile
ExtFloodFill
GdiPlayScript
GetCharWidth32A
GetEnhMetaFilePaletteEntries
GetGlyphOutline
GetGlyphOutlineA
GetSystemPaletteUse
GetTextCharacterExtra
GetTextColor
GetTextExtentExPointW
PathToRegion
PolyDraw
Polygon
RealizePalette

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE