dfa13d3bb872ed47d0afdc031a7d374b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfa13d3bb872ed47d0afdc031a7d374b
Size

35KB
MD5

dfa13d3bb872ed47d0afdc031a7d374b
SHA1

1207349e3ef58d917250042743dd4a59f2643273
SHA256

6f4e3e9aa302a457409d9c76088b87ed5bbcc7eb07c9f2cd90d17e79c51c1fe7
SHA512

8101fd140f51049404cb8eb4580aa373571595663df81d9cffc801b5d609cf7365467a75c9d8beca1651c4ede11c72490d33771d916db99f0b6f62458a88945f
SSDEEP

384:JLnd0S5zpgC1L/AUhuTURV2759yUab5/rA1Bee14AHtDt3P0P10xnBU9Vc7CzAg:5dvp7jqIVNUa9/rneHHxn+oMZdfMz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa13d3bb872ed47d0afdc031a7d374b

Files

dfa13d3bb872ed47d0afdc031a7d374b
.exe windows:4 windows x86 arch:x86

baec116e3b8b32ddd11a9167ce6a1ef6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemInfo
AreFileApisANSI
GetStartupInfoA
IsBadReadPtr
IsBadCodePtr
IsBadStringPtrA
QueryPerformanceCounter
GetSystemDirectoryA
GetVersionExA
GetWindowsDirectoryA
GetCurrentDirectoryA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetSystemTimeAdjustment
GetProcAddress
GlobalMemoryStatus
VirtualAlloc
VirtualProtect
GetProcessHeap
GetLogicalDriveStringsA
LoadLibraryA
GetModuleHandleA
GetCurrentThread
GetCurrentThreadId
GetLastError
IsBadWritePtr
GetLogicalDrives
GetComputerNameA
GetConsoleCP
QueryPerformanceFrequency
GetCurrentProcess
GetDiskFreeSpaceExA
GetVolumeInformationA
GetVersion
TerminateThread

user32

GetFocus
GetDoubleClickTime
GetForegroundWindow
GetSysColor
GetActiveWindow
GetKBCodePage
GetCapture
GetDesktopWindow
GetKeyboardType

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE