d531fa1e4dc76b7a244723c0c8f230aa | Triage

Sharing

General

Target

d531fa1e4dc76b7a244723c0c8f230aa
Size

35KB
MD5

d531fa1e4dc76b7a244723c0c8f230aa
SHA1

09bb7054c7ba1224f229431cacd3272a79436992
SHA256

c6fd6133b03fa513b9a6874fe253afc32e89d2965696aba5eca9b9fdadedbe6e
SHA512

87d3ec0b95c0bef03c7a6560195878f3c07fbd9a1836bcaafe008facf774c6a0f79a840a8174d566c40ca626824954c082d0368bee9f072e1a073afed5432398
SSDEEP

768:g0j1PdbK6YPPsZumlY8r+fAUS+yitRG2muvd950Xn3OUS9fL/AZ:qP0Z1ltr2lO2pzi+7f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d531fa1e4dc76b7a244723c0c8f230aa

Files

d531fa1e4dc76b7a244723c0c8f230aa
.exe windows:1 windows x86 arch:x86

c409c716d8b348d2d9cf675b3bc1c25c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

VariantCopyInd

gdi32

StretchDIBits

comctl32

InitCommonControls

Sections

CODE
Size: 27KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE