03722e57e4466a4e5c8d1304845e2fb50a4fda94d196bbf58c656ec7ed2429ee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

03722e57e4466a4e5c8d1304845e2fb50a4fda94d196bbf58c656ec7ed2429ee
Size

157KB
MD5

1b8655d66784a51c9be6e058b3aa0560
SHA1

2938779fe998d5cee36612205abb9aab4f453472
SHA256

03722e57e4466a4e5c8d1304845e2fb50a4fda94d196bbf58c656ec7ed2429ee
SHA512

2dd7b04324835e86532f490358e04ab53d626e95ca38851460b4ea214ca6edb27f3b962728d51897fe942be7107354f9b60911e0ac21514902b081aa6090a1ee
SSDEEP

3072:fDDW62h5yk7h7hhMS6zOwIknTd7lG6z1UVII2FRfN7Wlut0eDy5oj:f257hrwIET1sg1UqI29e4Dnj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03722e57e4466a4e5c8d1304845e2fb50a4fda94d196bbf58c656ec7ed2429ee

Files

03722e57e4466a4e5c8d1304845e2fb50a4fda94d196bbf58c656ec7ed2429ee
.exe windows:4 windows x86 arch:x86

ba0e34157952f5c0cec8cd6935877c41

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetStartupInfoW
LocalFree
lstrcpynW
FormatMessageW
GetModuleHandleW
GlobalUnlock
GlobalLock
GlobalAlloc
lstrlenW
lstrcpyW
GlobalFree
SetLastError
WideCharToMultiByte
GetProcAddress
GetModuleHandleA
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedDecrement
CloseHandle
lstrcmpW
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
ExitProcess
RtlUnwind
GetSystemTimeAsFileTime
GetCommandLineA

shell32

ShellExecuteExW

shlwapi

SHDeleteKeyW
PathCombineW

ole32

CoRevokeClassObject
CoQueryProxyBlanket
CoCopyProxy
OleIsCurrentClipboard
OleInitialize
CoFreeUnusedLibraries
OleUninitialize

Sections

.text
Size: 57KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 284B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ