c942df73402fa064ebe4a019a4cec3c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c942df73402fa064ebe4a019a4cec3c8
Size

804KB
MD5

c942df73402fa064ebe4a019a4cec3c8
SHA1

619f8ca39ee71735a32d034d0bdda7e390e7217e
SHA256

35b7bc310857cb5b076df1dc1535a49f7b4c116718a16d0be59770b2cd9a3101
SHA512

a41ddf1d448763d0417604157b4b9a27e30e3476853649663f1406c696c438bdf9d1097fbd0dd2615ede197b0cdba05f42e1fa72d2b5e40317fd8d8a4006f490
SSDEEP

24576:i4s+qgK9lNbRufFFFFXcu4dlrCWoXJNgyzx/wW8:tYlNbE3F4+WsDdxl8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c942df73402fa064ebe4a019a4cec3c8

Files

c942df73402fa064ebe4a019a4cec3c8
.exe windows:4 windows x86 arch:x86

77eb90da0b69f463eae48c37c642d96c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
FindResourceExW
FindResourceW
GetLocaleInfoW
LoadResource
LockResource
GetStartupInfoA
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
CreateThread
HeapCreate
GetStdHandle
GetOEMCP

msvcrt

__wgetmainargs
_initterm
memset
__p__fmode
acos
__p__commode
__setusermatherr
_amsg_exit
__dllonexit
_onexit
_wcmdln
memcpy

msimg32

TransparentBlt

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 776B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ