c042b3e83746d8395325b204ff2edf8e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c042b3e83746d8395325b204ff2edf8e
Size

8KB
MD5

c042b3e83746d8395325b204ff2edf8e
SHA1

57051c51dda27fbf0e492bc062411e0f7ec87d82
SHA256

4de67f85edc604ba5eeaaf8465a93cad946b48169ade0d031142415fb4092efe
SHA512

fa2acdc8ee8dc380877885b5949079aed59fdf8f0547f336e8234b20b6b92e32106239ea422e2affe07a79f5e9aa6e5ffef7622af7368d00cfe590f847638a90
SSDEEP

192:hdh2jTInpkOFOA1BMQmnQ8CXCpjPzriabq:bh2jMpkOFL/sQ8CibriL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c042b3e83746d8395325b204ff2edf8e

Files

c042b3e83746d8395325b204ff2edf8e
.exe windows:4 windows x86 arch:x86

3f57d7b85cd3c0364f35c9426c08ef5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
lstrcat
LoadResource
LoadLibraryExA
SetConsolePalette
GetOEMCP
LocalFree
GlobalAddAtomA
SetCommBreak
EnterCriticalSection
GetLastError
GetStdHandle
WriteProfileStringA
GlobalUnlock
DeleteAtom
IsBadCodePtr
RaiseException
VirtualAlloc
CloseHandle
GlobalFree
HeapCreate

user32

DrawEdge
GetWindowTextA
GetDC
GetClassNameA
IsIconic
GetWindowTextLengthA
GetWindow
GetForegroundWindow
ReleaseDC
EndPaint
CloseWindow
ValidateRect
GetActiveWindow
ShowWindow
GetParent
BeginPaint
GetClassInfoExA
AlignRects
GetFocus

wsock32

WSAGetLastError
WSACleanup
WSAStartup
WSASetBlockingHook
WSAAsyncGetServByPort

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ