889cf58fa4dc8aa09ddd4658b211b670 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

889cf58fa4dc8aa09ddd4658b211b670
Size

187KB
MD5

889cf58fa4dc8aa09ddd4658b211b670
SHA1

2ca4639bdbec7aae9e546ed1a473c99fad05316e
SHA256

7205ded4258de4456c2efc9e4105e9e93d5ec062d7d63b54c60bcc170c464e48
SHA512

fd7016e533552849700e2edcbbcb87e0b59a36ad4130f58938cf562216d381c3c54dc697d58cfe84446f816e3ab63574e25560ec7227cf8364c2d8c07b97255b
SSDEEP

3072:AcVPjmA80AgykwazfKw2CPhT4Vf4MI/lsP9Sv0JHcaJJydAP7N3Q0gQMHIE:rmA9rcsT4Vf4OPny+odAjhUQO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
889cf58fa4dc8aa09ddd4658b211b670

Files

889cf58fa4dc8aa09ddd4658b211b670
.exe windows:5 windows x86 arch:x86

d52210996d23d5fe8756db2e81c9fecd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

I:\zIyxYD\sljntT\YOEl.pdb

Imports

gdi32

GetSystemPaletteEntries
EndPath
SetBitmapDimensionEx
SetDIBitsToDevice
CreateFontIndirectW
CreateSolidBrush
ResizePalette
GetTextExtentPointW

user32

GetWindowLongA
GetScrollPos
ShowScrollBar
SendMessageW
GetClassInfoA
InSendMessage
ReplyMessage
CharUpperW
IsChild
GetWindow
SendInput
CharLowerBuffW

comctl32

ImageList_Remove
PropertySheetA

kernel32

LoadLibraryW
GetSystemTimeAdjustment
GetStdHandle
GetLongPathNameW
ClearCommError
GetAtomNameW
lstrcmpiW
GetProcAddress
CreateMailslotW
FileTimeToDosDateTime
GetSystemWindowsDirectoryA
InitializeCriticalSection

Exports

Exports

?dxzjASrrbsI@@YGJEPAH@Z
?kqFtGvAz@@YGPADKJ@Z

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ