0328146e98711e9b1a8c56750932d5b489774cfdc887e29898a95151546bbfe0 | Triage

Sharing

General

Target

0328146e98711e9b1a8c56750932d5b489774cfdc887e29898a95151546bbfe0
Size

311KB
MD5

abdebde2e479004a3250abf847c45be7
SHA1

ba8b03cc3ac9704ff8bd669c16d2a6ffad9b3fa7
SHA256

0328146e98711e9b1a8c56750932d5b489774cfdc887e29898a95151546bbfe0
SHA512

c213fa2f037cdc7f60f684c25f880e2617e22ac630cf76fa9fa165ce5716cbd3a323f3c6c54be373b00de24aabe7356a77dbc840ba9e5b186cbbed568fcb86d9
SSDEEP

6144:bfSby/0nKkjt6U917asZ1r0yVb+yB7vmK/bv+A8B5BddBxJ592v:CkgZfirYWA8bBnS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0328146e98711e9b1a8c56750932d5b489774cfdc887e29898a95151546bbfe0

Files

0328146e98711e9b1a8c56750932d5b489774cfdc887e29898a95151546bbfe0
.exe windows:4 windows x86 arch:x86

14d7b8fa7b943fe7eb3132d50481dcdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CLSIDFromString
CoTaskMemFree
StringFromCLSID
CoCreateInstance

gdi32

CreateFontIndirectW
GetLayout

oleaut32

VarBstrCmp
SysStringLen
GetErrorInfo
VariantInit
SysAllocStringLen
SysStringByteLen
SysAllocString
SysAllocStringByteLen
VariantClear
SysFreeString

kernel32

lstrlenW
IsDebuggerPresent
lstrlenA
DeleteCriticalSection
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
UnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
GetCurrentThreadId
GetModuleHandleA
VirtualAlloc

user32

GetDC
DialogBoxIndirectParamW
CreateAcceleratorTableA
LoadMenuW
DestroyCursor
OffsetRect
LoadImageA
LoadImageW
wsprintfW
MonitorFromRect
EnumWindows
WinHelpA
ShowCursor
SetActiveWindow
FindWindowA
CharPrevA
CheckMenuItem
IsIconic
LoadIconA

corpol

CORLockDownProvider
DllUnregisterServer

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 20KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ