d358bd9892ada128b9905aeb09708201 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d358bd9892ada128b9905aeb09708201
Size

82KB
MD5

d358bd9892ada128b9905aeb09708201
SHA1

c0dadfc734f34a7fae6937d97c00f2a2baa859e6
SHA256

4aa4a536d0645f9b8914038f01f093b040a42ca7a8d456bf5c13c92776fa690a
SHA512

9bc000319878d1eaeec220b6b09b8c6a5d2c433198b9b95eae3032bf42bdf4467f5987814218b2828e5fc00f3c8901d00611a408f43cc1483e346d0b14202ee3
SSDEEP

1536:nNHi+xR6xhR+ccccccArCJ7eGX+lRbgte:nNaxh5oXSJ0e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d358bd9892ada128b9905aeb09708201

Files

d358bd9892ada128b9905aeb09708201
.exe windows:4 windows x86 arch:x86

155641078e11649476faf5fc192231ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
SetEvent
SearchPathA
GetTickCount
GetDiskFreeSpaceA
FindResourceExA
FindClose
CloseHandle
FindAtomA
ExitProcess
DeleteCriticalSection
GetLastError
VirtualProtect
GetConsoleFontSize
lstrlenA
TlsGetValue
CreateThread
GetModuleHandleA
FindVolumeClose
ReleaseMutex

user32

EnableWindow
GetMessageA
DispatchMessageA
IsIconic
CreateWindowExA
DialogBoxParamA
EndDialog
CopyIcon
CreateMenu
GetScrollBarInfo
DragDetect
GetKeyState
CopyImage
CloseWindow

wshbth

WSHIoctl
WSHNotify
NSPStartup
WSHJoinLeaf
WSHOpenSocket2

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE