bd4346864e7b51331228a4a764ab2375 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bd4346864e7b51331228a4a764ab2375
Size

636KB
MD5

bd4346864e7b51331228a4a764ab2375
SHA1

ef270a1553a3133ff0a95f05f51da895c15ca52b
SHA256

7ea95b107b4765f425ad18f69461dcaad52e8df828dcd9da53cc0bca08c47b78
SHA512

2d9d0faba4b8be9b096e9e3015673c06d0f2054d94a951b8ce86f83b88e7b13c70ae1b51220b99c93b67c79784d525e08fe2c5676257ed85a0ab9989b91f17e3
SSDEEP

12288:6FCcWetVnPy63WqPjKaskE8xgZDeGZaLd3ZOjL8m0bfdAi1W/Lu6if4QQqMv07X:6FCMtVa63WqPjKash8ginFZO/8bbf+xK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bd4346864e7b51331228a4a764ab2375

Files

bd4346864e7b51331228a4a764ab2375
.exe windows:4 windows x86 arch:x86

66d15a6110d7c397f32794c64ca9077e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
LoadLibraryA
GetACP
WriteConsoleA
InterlockedExchange
OpenSemaphoreA
GetCurrentProcess
HeapDestroy
FormatMessageA
GetThreadPriority
GetCurrentProcessId
GetModuleHandleA
GetEnvironmentStringsA
GetCurrentThread
FlushFileBuffers
VirtualProtect
GetStdHandle
HeapCreate
GetExpandedNameA
DeleteAtom
IsDebuggerPresent

user32

SetForegroundWindow
GetParent
ValidateRgn
DrawTextA
GetClassNameA
IsIconic
GetFocus
SetActiveWindow
ShowWindow
GetWindow
GetCursorPos
wsprintfA
EndPaint
ReleaseDC
FrameRect
GetWindowTextLengthA
FillRect
BeginPaint
GetDlgItem

linkinfo

IsValidLinkInfo
DestroyLinkInfo
GetLinkInfoData
ResolveLinkInfoA
GetCanonicalPathInfoA

uxtheme

GetThemeSysFont

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ