Static task: static1
Behavioral task: behavioral1
Sample: 73acea44fbbe0c1fc2e5590e377df9c6.exe
Resource: win7-20231215-en
General
Target: 73acea44fbbe0c1fc2e5590e377df9c6
Size: 276KB
MD5: 73acea44fbbe0c1fc2e5590e377df9c6
SHA1: 43bd62fe3189f5694156ca93fcf8bb10f0148f54
SHA256: bcf21b35c9471c18119fe024c10025e24f7ae762dec72d9fe752975f19e957fd
SHA512: b8b58b4d9f8033ce63ef45d0e94e0849e41c7852a0ae2c2131b1a37370dc70c63dd4db4e2e3b3c5ef21da08e5c4dd185df488bd34e42170278a8c37f237bfd2e
SSDEEP: 6144:NX4i4Zs/ON7CJVFJRwAGRtS2wWAgZzc0kq/pe9Ijm:NjWZE7JRotSC120cM
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 73acea44fbbe0c1fc2e5590e377df9c6
Files
73acea44fbbe0c1fc2e5590e377df9c6.exe windows:4 windows x86 arch:x86
55d588833544b09441ba7dde37ce9a3f
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
setupapi
CM_Get_Depth
SetupDiGetDeviceRegistryPropertyW
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status
kernel32
AddAtomW
SetStdHandle
EnterCriticalSection
GetCurrentProcess
IsBadCodePtr
RaiseException
GetStringTypeW
LCMapStringW
GetModuleHandleA
SetFilePointer
IsBadReadPtr
HeapAlloc
DeleteCriticalSection
CloseHandle
FlushFileBuffers
GetStringTypeA
EnumResourceNamesA
RegisterWaitForSingleObject
FlushInstructionCache
InitializeCriticalSection
LCMapStringA
InterlockedDecrement
GetLastError
GetSystemTimeAsFileTime
GetCurrentThreadId
LeaveCriticalSection
GetCurrentProcessId
InterlockedIncrement
LoadLibraryExA
SizeofResource
gdi32
CreateFontIndirectA
gdiplus
GdipCreateHBITMAPFromBitmap
GdipCloneImage
shell32
Shell_NotifyIconA
Sections
.text Size: 143KB - Virtual size: 142KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 130KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 1024B - Virtual size: 388KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ