c354e0343efa4069dd5d1edff4d7e44a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c354e0343efa4069dd5d1edff4d7e44a
Size

175KB
MD5

c354e0343efa4069dd5d1edff4d7e44a
SHA1

72a62f673741760247fd8b0c84d1315b6d5170b8
SHA256

7ddc680ff58a6f5e033ca4db20fa6502049ef9956e2e470b8f1ca645958b037d
SHA512

19d44f7ac9a266221102aa2b70a7123c8f8af7a826bff1667c73c501394966f6d0c84d65c9126a27187e0e185b19614c835a2ef60f8050b990a0206f3c50714d
SSDEEP

3072:BOMHRGejc5Dt1aYHHGvR8ARat1d+gTQ2Xu4FpzjEo+VlKkMU1zw8J87HJAYG3M04:BBRTjstnmp81Ld7Q2XnENjKkMUhUTZ04

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c354e0343efa4069dd5d1edff4d7e44a

Files

c354e0343efa4069dd5d1edff4d7e44a
.exe windows:5 windows x86 arch:x86

f0620ebba8e67c290bcda7a2fb0cd6d7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetLocalTime
GetVersionExA
GetCurrentProcessId
GetModuleFileNameA
ExitProcess
GetStdHandle
GetProcAddress
GetModuleHandleA
GetCurrentThreadId
VirtualAlloc
GetCurrentProcess
GetModuleHandleW
GetSystemTime
CreateEventA
GetStartupInfoW

user32

UpdateWindow
GetMessageA
GetActiveWindow
BeginPaint
EndPaint
PostQuitMessage
GetSystemMetrics
ValidateRect
MessageBoxA
LoadIconA
LoadCursorA
GetForegroundWindow
RegisterClassExA
CreateWindowExA
ShowWindow
TranslateMessage
DispatchMessageA
DefWindowProcA

gdi32

CloseEnhMetaFile

shlwapi

StrSpnW
wnsprintfW

msvcrt

_onexit
__dllonexit
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ