dfc4b0b647b30f8ed8b6314ef6840aa7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dfc4b0b647b30f8ed8b6314ef6840aa7
Size

110KB
MD5

dfc4b0b647b30f8ed8b6314ef6840aa7
SHA1

91a37710eadf732d7fa7b5d783921fd53d55739b
SHA256

d87e5e73d72780e07ffe79b32b52efe1ac24fced9253046653d5df878dcd9070
SHA512

06c874b24b2b1e8bd28e0ffa9209ec3a4d615962b37b057bc9ebea79ad22420cd976405bdf7dd95dbceba265746d39224ed34d49200392d3aa90c5639511ff47
SSDEEP

1536:+I3uqtcm0VAoe7ULYSXxDOKFXvm5upXfCRU41e:73ZtcRKoe7ULYcvmIpXfO1e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfc4b0b647b30f8ed8b6314ef6840aa7

Files

dfc4b0b647b30f8ed8b6314ef6840aa7
.exe windows:4 windows x86 arch:x86

c4eed0f9fe1b5373666849834ca47a89

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHQueryInfoKeyA
PathFileExistsA

comctl32

ImageList_GetBkColor
ImageList_DragShowNolock

kernel32

GetCommandLineA
LoadLibraryExA
GlobalAlloc
GetCPInfo
lstrlenA
ExitProcess
GetTickCount
GetStdHandle
HeapDestroy
GetEnvironmentStrings
GetLastError
VirtualAllocEx
MoveFileA
GetModuleHandleA
GetVersionExA
GetProcAddress
SetHandleCount

user32

CharNextW
SetParent
TrackPopupMenu
AdjustWindowRectEx
GetClipboardData
GetWindowRect
IsZoomed
RemoveMenu
InflateRect
GetSysColorBrush
WaitMessage
CharUpperBuffA
GetCursorPos
GetCursor
IsWindowEnabled
DestroyIcon
DispatchMessageW
LoadIconA
GetActiveWindow
BeginPaint
ScreenToClient
LoadCursorA

advapi32

RegQueryInfoKeyA

gdi32

SaveDC
GetDCOrgEx

shell32

SHGetDesktopFolder
DragQueryFileA
Shell_NotifyIconA

version

GetFileVersionInfoSizeA
VerInstallFileA

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE