d112f3e50e58db27af204fe7b6eec443ac55b922817aeb531701b72dd4317f43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d112f3e50e58db27af204fe7b6eec443ac55b922817aeb531701b72dd4317f43
Size

52KB
MD5

6c5cf7df7d2ced981583a4857efa51a7
SHA1

ffe85a3cb17a691212e1e7cb85110b990cf2af94
SHA256

d112f3e50e58db27af204fe7b6eec443ac55b922817aeb531701b72dd4317f43
SHA512

f248ef7e85b6f802b0b69273560edea46bad5b931a39689654cdb87573ae1f609cc2ab5a611a51cd95a00ebf04413681791a3b03859134e1e796b9e820b190fb
SSDEEP

1536:AkGjXRrs9sINeZEtejlIkoLN127BFVn2p4lAnZ8nsTQtpsWME0LXqn:mjXRrs9sINeZEtejlIkoLN127BFVn2pK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d112f3e50e58db27af204fe7b6eec443ac55b922817aeb531701b72dd4317f43

Files

d112f3e50e58db27af204fe7b6eec443ac55b922817aeb531701b72dd4317f43
.exe windows:5 windows x86 arch:x86

0472c674d7267dab79104d29a2a3058b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ShowWindow
PostQuitMessage
GetMessageA
EndPaint
DispatchMessageA
BeginPaint
TranslateMessage
CreateWindowExA
DefWindowProcA
SendMessageA
RegisterClassA

kernel32

TlsFree
TlsSetValue
TlsGetValue
CreateFileA
TlsAlloc

gdi32

LineTo
MoveToEx

comctl32

ord17

shell32

DragQueryPoint
DragFinish
DragQueryFileA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 796B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 318B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ