deae8242029e5bab7e6f0c543f39f76f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deae8242029e5bab7e6f0c543f39f76f
Size

10KB
MD5

deae8242029e5bab7e6f0c543f39f76f
SHA1

bcb060061b9706bb2d7d3cdc5635f2866357b423
SHA256

d48d32da5f4b9b93a8f44228e6f75c577e7ba3a4897ca9c4a42b4da77a638f21
SHA512

06d78b933a7993579b387a7638bdfc2ab8e950bf115588da9d1f7e86e6b5f8dcc8cbc881f26fe4319a2a4782b5170fedc6d84fde40678843fcec07ccbf6ddc0e
SSDEEP

192:4JLYnVt6DsP896KYVj9fW5FvXxksld9yx+H14W:4B8Dx9eDZdld9ye14W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deae8242029e5bab7e6f0c543f39f76f

Files

deae8242029e5bab7e6f0c543f39f76f
.exe windows:4 windows x86 arch:x86

bd391de73215b46130223063a64a3cde

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CopyIcon
CloseDesktop
SetWindowLongA
DisplayExitWindowsWarnings
GetWinStationInfo
GetSystemMetrics

kernel32

GetLastError
VirtualProtect
RemoveDirectoryA
GetCommTimeouts
LCMapStringW
MapViewOfFile
LockFile

gdi32

Polygon
SetStretchBltMode
PtInRegion
UpdateColors
NamedEscape

Sections

.text
Size: 3KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE