Static task: static1
Behavioral task: behavioral1
Sample: de033188a68354c0520664c7d40fefc1.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: de033188a68354c0520664c7d40fefc1.exe
Resource: win10v2004-20240226-en
General
Target: de033188a68354c0520664c7d40fefc1
Size: 28KB
MD5: de033188a68354c0520664c7d40fefc1
SHA1: 1da2009fcfe4dddf5f30d835930e2fa97b2d4aef
SHA256: c189e41ec50c5506522609026a78e8d160b9a0c97508ba87d73c96279310a4d2
SHA512: 63efe7b4eea19112fcc6a7893063001f37ca40bef3c3354062bb3f954686bf786bf2a499abe87ffad0df1b4e14f43909af142734139a366e7cf4b700b1bb25f9
SSDEEP: 384:ycc37ZM4oJAhtH48EnpkQYNHJIzHo/AWoFI4/Cs:yHdM4oJAADOvHGkOnCs
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de033188a68354c0520664c7d40fefc1
Files
de033188a68354c0520664c7d40fefc1.exe windows:23858 windows x86 arch:x86
4c178cb9db0468ffcadb51a868260b48
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
advapi32
GetLengthSid
user32
ShowWindow
LoadStringW
GetSystemMenu
SendMessageA
PostMessageW
SetTimer
LoadStringW
shell32
ShellAboutW
SHGetSpecialFolderLocation
ShellAboutW
ExtractIconExW
SHGetFolderPathW
DragQueryFileW
ExtractIconW
SHGetSpecialFolderPathW
kernel32
FormatMessageW
ExitProcess
SetEvent
GetModuleHandleA
WaitForSingleObject
SetUnhandledExceptionFilter
GetModuleFileNameA
VirtualFree
VirtualAlloc
gdi32
MoveToEx
TextOutW
GetTextMetricsW
CreateCompatibleDC
BitBlt
SetBkMode
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.pdata Size: 23KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ