a30d050141da1758ba0c20caad4d254f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a30d050141da1758ba0c20caad4d254f
Size

198KB
MD5

a30d050141da1758ba0c20caad4d254f
SHA1

a51209ad430d71928209688a673823b69b495662
SHA256

4e07b3e7042bb255c5bee95d42d0fc7512515adb9acedadc86a413c205078d07
SHA512

a13ee9d0c99803b22306624df55e4072f2650fb76b975ed596937d5023bb0fbef803336308e2be49e3dc7ab784d592af210d6ddb6cafc2103b2b560bfc95a3ed
SSDEEP

6144:5bmLciLhqPcTReKuUdw/swfoJ035YowWC2Gc:JwciLhqP/hUdmTp/ic

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a30d050141da1758ba0c20caad4d254f

Files

a30d050141da1758ba0c20caad4d254f
.exe windows:4 windows x86 arch:x86

17c639f0b5712e87efc5cb0ca9bc8677

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleOutputCP
GlobalGetAtomNameA
IsValidCodePage
SetFilePointer
MultiByteToWideChar
TlsAlloc
TlsSetValue
TlsGetValue
GetTimeFormatA
HeapReAlloc
EnumResourceNamesA
VirtualAlloc
HeapSize
RtlUnwind
GetACP
CreateHardLinkA
GetLocaleInfoA
SetStdHandle
WriteConsoleA
GetCPInfo
GetDateFormatA
GetOEMCP
RaiseException

user32

CharNextA
MessageBoxA
DispatchMessageA
DispatchMessageW
PeekMessageA
GetDesktopWindow
LoadStringA
wsprintfA

rpcrt4

RpcStringFreeA

shell32

SHGetFolderLocation
SHGetMalloc
SHGetDesktopFolder
SHGetSpecialFolderLocation
DragAcceptFiles
ShellExecuteExA
SHBrowseForFolderA
SHGetPathFromIDListA
ShellExecuteA
SHAppBarMessage
SHGetFileInfoA
Shell_NotifyIconA

Sections

.text
Size: 127KB - Virtual size: 263KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 152KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ