ad376c2fae3c96dfdfad0ca207e03415 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ad376c2fae3c96dfdfad0ca207e03415
Size

16KB
MD5

ad376c2fae3c96dfdfad0ca207e03415
SHA1

db4a06adc5ebebb6072b017f30cb455bd35a25c3
SHA256

c61e0b09b252459e32da4276f9aa95285c3547a1e9ce67e19da8bab2156589d0
SHA512

a6b31dc3dcad99694e095e20a92a1be50846de63a56c6f5392dba8a367817af03481017d67e0e60e195f5d1d8efd6e6f636f36678c6cabb0d59bb9787c4bc49c
SSDEEP

384:m5AiJh1/0+1LSw/9t1gJKWZLLAKbxlWip+:ithC+xSmT16xF3x+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad376c2fae3c96dfdfad0ca207e03415

Files

ad376c2fae3c96dfdfad0ca207e03415
.exe windows:4 windows x86 arch:x86

492ea3d4fb9db3f4ecdcff3432249b0e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LockResource
SetConsoleOutputCP
GlobalUnlock
HeapCreate
CloseHandle
InterlockedExchange
GetDriveTypeA
SetErrorMode
GlobalAddAtomA
GlobalFree
EnterCriticalSection
GetStdHandle
GetACP
Sleep
GetLocaleInfoA
GetLastError
RaiseException
LoadLibraryExA
GlobalDeleteAtom
FoldStringA
VirtualProtect

user32

GetMenuItemInfoA
GetClassNameA
IsIconic
BeginPaint
GetCursorPos
GetActiveWindow
GetWindow
DrawEdge
GetParent
CharToOemBuffA
ShowWindow
GetWindowTextA
DrawTextA
GetFocus
ClipCursor
ValidateRect
SetForegroundWindow
EndPaint
ReleaseDC

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA
VerInstallFileA
VerFindFileA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ