a339118859e399bcaa6f7d311be6522e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a339118859e399bcaa6f7d311be6522e
Size

210KB
MD5

a339118859e399bcaa6f7d311be6522e
SHA1

c3726688f6be13b0a64a11e0e557140cc83684c2
SHA256

8450e3057ed34983a5ab2d45d93766db6664fcad409989d61bb8e7a6c8301dbd
SHA512

4c24dbbda9c0c3ead9a19aaf541a4ce2d0a3dabb4ec94b88629c70fc77bbd21774cbfdabe3a71dd4f82df260648f79567f0febe4751d8bdba616f6c4ef4c5a8e
SSDEEP

3072:pqmgg9dO3ONq7fmQb3J5XW9MTRiKZjmWy+jC2lZv1WfVlRPYk0cFXCudhgxK:0wO5j95XvsyvvEdz8Mh5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a339118859e399bcaa6f7d311be6522e

Files

a339118859e399bcaa6f7d311be6522e
.exe windows:4 windows x86 arch:x86

edb4fccb9add90840653188559f648d6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
FileTimeToLocalFileTime
GetFileSize
GetLastError
GetStringTypeExA
GlobalAlloc
InterlockedCompareExchange
LocalFileTimeToFileTime
SetLastError
TlsGetValue
UnmapViewOfFile
VirtualAlloc
lstrcmpiW

user32

BeginPaint
CreateMenu
DrawEdge
DrawMenuBar
EnumWindows
FindWindowA
GetClassNameA
GetForegroundWindow
GetMenu
GetParent
GetScrollInfo
GetSysColor
GetSystemMenu
GetWindow
GetWindowPlacement
PostQuitMessage
SetRect
SetWindowsHookExA
ShowWindow

gdi32

AddFontResourceA
CloseEnhMetaFile
CreateFontA
DeleteEnhMetaFile
DeleteMetaFile
EnumFontFamiliesA
EnumFontFamiliesExA
GetEnhMetaFileBits
GetStretchBltMode
InvertRgn
LineDDA
PtVisible
Rectangle
RestoreDC
SetDIBits
TranslateCharsetInfo

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ