d37f31af195812210ca8cb2bd190aace | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d37f31af195812210ca8cb2bd190aace
Size

311KB
MD5

d37f31af195812210ca8cb2bd190aace
SHA1

de1eaf37e0fc691f09e3deae05b919d435ba8cf4
SHA256

cf2260a4d74a701bc0775caaa3195894e776cfd323da0b7ce7b739d657782589
SHA512

69de359e113562358b68dafe9dc2d73f0492cda1855f079a965e33f905e4df3e3e82213a3566402a75007fa07fa6b0761fa96ccc78355f5f86f996014faf6466
SSDEEP

6144:FxvzjbbHLCL7pBLfCartChwkmBjH+7hvwTR3Z+3VW6qkFtnJr7JOU9r:FpjbbqJCarAVmBQhId3GVTFxZVT9r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d37f31af195812210ca8cb2bd190aace

Files

d37f31af195812210ca8cb2bd190aace
.exe windows:4 windows x86 arch:x86

30175fcd9d226cfb3669b7fed7e3ebf3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
GlobalAddAtomA
EnterCriticalSection
InterlockedExchange
HeapCreate
Sleep
RaiseException
SetConsoleOutputCP
SetErrorMode
VirtualProtect
GlobalDeleteAtom
GetACP
LockResource
GlobalFree
GetLastError
CloseHandle
GetDriveTypeA
GetLocaleInfoA
LoadLibraryExA
FileTimeToLocalFileTime
GetStdHandle

user32

EndPaint
GetCursorPos
GetWindow
DrawEdge
GetMenuItemInfoA
GetFocus
ShowWindow
ReleaseDC
GetParent
GetClassNameA
OemToCharA
ValidateRect
BeginPaint
ClipCursor
DrawTextA
GetActiveWindow
IsIconic
SetForegroundWindow
GetWindowTextA

ntdsapi

DsGetSpnA
DsBindA
DsCrackNamesA
DsFreeNameResultA
DsIsMangledDnA

netapi32

DsRoleCancel

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ