392e90bcb098466f72058fac3413cd559641cbb4a72b9d2dde9867d7c0d12033 | Triage

Sharing

General

Target

392e90bcb098466f72058fac3413cd559641cbb4a72b9d2dde9867d7c0d12033
Size

120KB
MD5

1f36085ce2c80a804bfd3cf99b4492a3
SHA1

740b3e28317ab6847e76af8b904a46696097d30e
SHA256

392e90bcb098466f72058fac3413cd559641cbb4a72b9d2dde9867d7c0d12033
SHA512

c138bb562c02947701a623ffab767a681de8c9b5162442cb6e9e5888b01427ce2870050db2117614206e883ddde2743a4a10abef982c243a40b1f1e6d41a8179
SSDEEP

1536:wHILkvILFVLoYOFehsDQlx+j/t3msFyR2YkkxkpDVa9RSy3OUwb0OJNU7B6l3u:+xInL+FeG0lx+jpkR2xc4Q9PNwbAB6l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
392e90bcb098466f72058fac3413cd559641cbb4a72b9d2dde9867d7c0d12033

Files

392e90bcb098466f72058fac3413cd559641cbb4a72b9d2dde9867d7c0d12033
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ