d38fa6f9d3ac3967ab18864734430328 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d38fa6f9d3ac3967ab18864734430328
Size

196KB
MD5

d38fa6f9d3ac3967ab18864734430328
SHA1

754ff1dd188e7fd658ad93b41088628b0a52ac18
SHA256

500340f40bc3783daa506efec5e3156e70a0162d8830c042f04f94cf0dd79981
SHA512

87fdc483b17e3e48dd532c3e39c0b392b8aedcde749296bc83d845b56412f18c07c7a2dcc0755b55cbd54184ed2ddc314b878074e64e85a242d964563848716a
SSDEEP

3072:bIEiYxFdaTBSciOEnmLscfJ2eMKXTr6YPM6W4wPUKsVhrhUDivVBXiDVNgR7pWq:cEiYUdSciOf7R9X6L6W4DKkJ8K/8VE7F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d38fa6f9d3ac3967ab18864734430328

Files

d38fa6f9d3ac3967ab18864734430328
.exe windows:4 windows x86 arch:x86

5f48827e5077460aa98f16502990902f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetCommandLineA
TlsGetValue
IsDBCSLeadByte
GetCurrentThreadId
lstrcatA
GetLogicalDrives
GetModuleHandleW
GetUserDefaultLCID
FreeLibrary
TlsSetValue
TlsFree
VirtualAlloc
lstrcpyA
GetOEMCP
CreateProcessInternalA
GetModuleFileNameA
GetCurrentProcessId
GetSystemDefaultLCID
GetDriveTypeW
GetCurrentThread

user32

IsIconic
IsWindowVisible
GetWindow
BeginPaint
GetFocus
RegisterClassA
GetDC
GetWindowLongA
ReleaseDC
GetWindowTextLengthA
CloseWindow
GetWindowTextA
UpdateWindow
GetClassInfoExA
GetSystemMetrics
GetActiveWindow
GetForegroundWindow
GetWindowDC
ShowWindow

imagehlp

ImageLoad
BindImage
FindFileInPath
FindDebugInfoFile
ImageNtHeader
CheckSumMappedFile

oleacc

DllRegisterServer
LresultFromObject
GetStateTextA
GetRoleTextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ