Static task
static1
Behavioral task
behavioral1
Sample
d392a6f77414c04f315bbebf97da85b9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d392a6f77414c04f315bbebf97da85b9.exe
Resource
win10v2004-20240226-en
General
Target
d392a6f77414c04f315bbebf97da85b9
Size
96KB
MD5
d392a6f77414c04f315bbebf97da85b9
SHA1
4ebb66f488a859c87dd95b99efc16fde646d3b15
SHA256
e17e0732c9d267b8ada55178702d86e4fd78c984a2f651f5732c0a652eb9875b
SHA512
8e668fa2345b6d0deb3c1f722dcef04e55fea99d1e3d1b325f818c69c9276550303fbf81fc1ec9521870834c70bebe68b332ab0bfce471057d28be47106d37b1
SSDEEP
1536:hGjFyUh++06y9bRSCZKbZQv8tWGtQSflJnj6Bh7iGNC8TF25wdWF9oKpd3O+mxn2:hMhFMN+3WHkejiGonwdWNdmx5RWRF
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d392a6f77414c04f315bbebf97da85b9
Files
d392a6f77414c04f315bbebf97da85b9.exe windows:4 windows x86 arch:x86
4fae692a60c91786b9dd9b8f96deded0
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetStockObject
GetTextMetricsA
MoveToEx
EndDoc
SetBkColor
LineTo
RestoreDC
SetBkMode
ExcludeClipRect
SelectPalette
GetDCOrgEx
SetViewportOrgEx
SetWindowExtEx
SetColorSpace
UnrealizeObject
GetPixel
kernel32
GetCurrentProcess
GetThreadLocale
GetVersion
DeleteFileW
GetCurrentThreadId
lstrcmpiW
GetModuleHandleA
GetCommandLineA
lstrlenW
GetModuleHandleW
CopyFileA
GetACP
lstrcmpA
GetCommandLineW
GlobalFindAtomW
GetCurrentProcessId
VirtualAlloc
lstrcmpiA
GetConsoleOutputCP
user32
GetInputState
GetMessagePos
GetDesktopWindow
CharNextA
comctl32
InitCommonControls
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 175KB - Virtual size: 175KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ