c822b000232e7ab73b1f0425984c9c1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c822b000232e7ab73b1f0425984c9c1c
Size

370KB
MD5

c822b000232e7ab73b1f0425984c9c1c
SHA1

3938d6bfeca4901fb8dc6cf73c66aba45f3d20b7
SHA256

a3d992658d53433ead15c142960e00ec77b2cafc08252b05dfa8b87bc5b01392
SHA512

c5402d36ae0edd1a7865114f6550561b0c23c60986998fd1aa758a0d85c148bad252a8ea04f85c9c73f353e190135142872b4fccb64a2e8bfc620c008cbefc6f
SSDEEP

6144:Wk9kmoMOXSyHyC3jRSaZjmi/KaeF/ae/X7FwHqYLAzBEO:Xam8XVHjNSaZy0KaA/auX0h4WO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c822b000232e7ab73b1f0425984c9c1c

Files

c822b000232e7ab73b1f0425984c9c1c
.exe windows:4 windows x86 arch:x86

d2d3ba6d527d5b2003e27a8dc3f2ecaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
TlsGetValue
GetModuleHandleA
GetStdHandle
VirtualQuery
SetLastError
CreateMutexA
CloseHandle
GetCurrentThreadId
DeleteAtom
lstrlenW
GetProcessHeap
GlobalUnlock
GlobalFree
HeapCreate
SetEnvironmentVariableA
LoadLibraryExW
FindResourceA
CreateFileA
GetExitCodeProcess

user32

SetFocus
GetIconInfo
GetDC
DrawEdge
DispatchMessageA
CreateMenu
IsWindow
GetDlgItem
DrawMenuBar
CreateWindowExA
CallWindowProcA
CheckRadioButton
FillRect

ntshrui

IsPathSharedW
IsPathSharedA
SetFolderPermissionsForSharing
GetNetResourceFromLocalPathA
GetLocalPathFromNetResourceA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 343KB - Virtual size: 344KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ