1a547c3b74a94ae0c5841e0f383aa33cdfb3ce05b0949b285313726aa819add9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1a547c3b74a94ae0c5841e0f383aa33cdfb3ce05b0949b285313726aa819add9
Size

32KB
MD5

d2bd96bab7615bd7da5a2b15f15ef4c5
SHA1

28078056c3ee54ce47de13ab52c285f9ca7f49de
SHA256

1a547c3b74a94ae0c5841e0f383aa33cdfb3ce05b0949b285313726aa819add9
SHA512

3b9f21a81ff8fd18845e2bd47ec37a4d0b1ac0a1ad6e44db04ec3952081cfaa9bd8280fe10602a04dce34cd340fe61bcbc33aea3e407df8b8bc89d524bf6e604
SSDEEP

384:cuS9kngTCbddvPhsoW6qVWMSh06So43ltOz9yuSGvvAD52:cuS9L8hsoW6Vh06S33ltOkGvvAD52

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a547c3b74a94ae0c5841e0f383aa33cdfb3ce05b0949b285313726aa819add9

Files

1a547c3b74a94ae0c5841e0f383aa33cdfb3ce05b0949b285313726aa819add9
.exe windows:4 windows x64 arch:x64

46dc695288b735279ea15d606c492644

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

__getmainargs
clock
malloc
free
fopen
fclose
fread
fwrite
rename
remove

user32

PostQuitMessage
MessageBoxA
RegisterClassExA
LoadIconA
LoadCursorA
CreateWindowExA
GetMessageA
TranslateMessage
DispatchMessageA
DefWindowProcA
GetDC
BeginPaint
EndPaint
SetTimer
GetWindowRect
GetClientRect
MoveWindow
ShowWindow
SetProcessDPIAware
ClientToScreen
InvalidateRect

gdi32

CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
SetBitmapBits
DeleteObject
DeleteDC

kernel32

CreateThread
CreateMutexA
WaitForSingleObject
Sleep
ReleaseMutex
GetCurrentDirectoryA
SetCurrentDirectoryA
CreateDirectoryA
RemoveDirectoryA
FindFirstFileA
FindNextFileA
FindClose
GetLogicalDrives
CloseHandle
CreateProcessA

Sections

.text
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE