75e99d89202640ee02d85880d62373f9 | Triage

Sharing

General

Target

75e99d89202640ee02d85880d62373f9
Size

272KB
MD5

75e99d89202640ee02d85880d62373f9
SHA1

d2e5e3982a0e77a33e78874f1f08768619cba88e
SHA256

3beb5160f3dc4b408f305c1eec4fd05f21cb6283209028c56a4f5d1de463ab90
SHA512

1c9dd3d1ff561d30c2093f1a4274fd2ab9bfb50194c05ded170fee175ce0a3939ac438db58c6ea4859aa8713420a053e3fd13d583535f48eb14db15f61e3b890
SSDEEP

6144:M2/NtDqqPPlpyeJBn7p4Kd2dUnAmp4HZRreEK:M2/NRnPLp4Kd5A+IZRPK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
75e99d89202640ee02d85880d62373f9

Files

75e99d89202640ee02d85880d62373f9
.exe windows:4 windows x86 arch:x86

a08153d6a9b4caf265b3dbc869f7a6bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
FreeLibrary
GetProcAddress
LoadResource
GlobalSize
GetPrivateProfileIntW
InitializeCriticalSection
GetTickCount
MultiByteToWideChar
GetVersionExA
LoadLibraryA
FindFirstFileW
DeleteCriticalSection
GetVersionExW
EnumResourceTypesA
lstrlenW
LockResource
GetPrivateProfileStringW
FindClose
GetCPInfo
WritePrivateProfileStringW
GetModuleFileNameW
Sleep
MulDiv
LoadLibraryW
GetModuleHandleW
GetLocaleInfoW

wininet

HttpQueryInfoA
HttpOpenRequestA
InternetCrackUrlA
HttpSendRequestA
InternetOpenA
InternetConnectA
InternetCloseHandle
InternetReadFile
InternetTimeToSystemTime
InternetErrorDlg
InternetTimeFromSystemTime

shell32

DllGetVersion
ShellExecuteExW
ShellExecuteExA
SHGetFileInfoA
ShellExecuteW
SHGetFolderPathW
CommandLineToArgvW
SHGetPathFromIDListA
SHFileOperationW
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ