d5c0204c353df61ec441c834c56c4b03 | Triage

Sharing

General

Target

d5c0204c353df61ec441c834c56c4b03
Size

243KB
MD5

d5c0204c353df61ec441c834c56c4b03
SHA1

4df64a5b956fb7b67bb5489bd069b755cd535f2a
SHA256

dffde103274f93ec565bc1f394c6b94bea9c0d0c7dc9283a5b61d9adba348eba
SHA512

86aa77d0d8db09e16e6158606e67a1bff81b58ea7c9432104e508b888a0235f5b3959d16d17f99a2ffd8dcdbf57715f77ae51843b62e6c7aa9f052a14bdf0208
SSDEEP

6144:Q0a3JZG91AD8A28YoJCoIahGg69dAAxg3gzN3:Q0UGYeOXh3eAAig5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

d5c0204c353df61ec441c834c56c4b03

Files

d5c0204c353df61ec441c834c56c4b03
.exe windows:4 windows x86 arch:x86

b41f36742e1e66a4bc9256e9e3f52e17

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ddraw

DirectDrawCreateEx

shlwapi

wnsprintfA

kernel32

GetModuleHandleExA
GetExitCodeThread
LeaveCriticalSection
FindFirstChangeNotificationW
EnterCriticalSection
ResumeThread
GetCurrentThreadId
GetSystemTimeAsFileTime
GetTickCount
SetThreadPriority
CreateFileW
GetPrivateProfileStringW
GetFileAttributesW
GetModuleFileNameW
SuspendThread
WaitForMultipleObjects
CreateEventW
FindNextFileW
OutputDebugStringW
DeleteFileW
CreateDirectoryW
TerminateProcess
MultiByteToWideChar
FileTimeToSystemTime
FreeLibrary
GetProcAddress
LoadLibraryA
WideCharToMultiByte
DeleteFileA

oleaut32

CreateErrorInfo
DispInvoke
VarI2FromDec
VariantInit
SysFreeString

Sections

.text
Size: 114KB - Virtual size: 201KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 126KB - Virtual size: 126KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 274B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ