a407b9d897f5b2ad77ff44b9214f5bedf6b3d5930dfcd273725123a5744b864b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a407b9d897f5b2ad77ff44b9214f5bedf6b3d5930dfcd273725123a5744b864b
Size

51KB
MD5

d3c1133236465115adb8bcfb567f8655
SHA1

01dd49101caa11d516f9e7005b3857f6438ef05c
SHA256

a407b9d897f5b2ad77ff44b9214f5bedf6b3d5930dfcd273725123a5744b864b
SHA512

83e2a196bdc62a794a8c862557c3008008d5bc4e84d58aee8cf135ba56c3bb12e8537fcdf37a3ca536b717bc61a00bc96bb61078ca74a0dd06eb5aad402b15e4
SSDEEP

768:bJw1VCKVaXBL7U1S9N6+JibOdgPF3gS5J5xdtOaNFkwcbo:W1Vi7Uo9Nt2OdwpgSrdlFkwcbo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a407b9d897f5b2ad77ff44b9214f5bedf6b3d5930dfcd273725123a5744b864b

Files

a407b9d897f5b2ad77ff44b9214f5bedf6b3d5930dfcd273725123a5744b864b
.exe windows:1 windows x86 arch:x86

361e7ae4114365f7230e69cc444667ad

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

PostQuitMessage
LoadIconA
SetDlgItemTextA
RegisterClassExA
MessageBoxA
MessageBeep
TranslateMessage
SetWindowTextA
wsprintfA
SendDlgItemMessageA
CreateDialogParamA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
EndDialog
GetMessageA
IsDialogMessageA
LoadCursorA

kernel32

WinExec
SetUnhandledExceptionFilter
DeleteFileA
CloseHandle
GetModuleHandleA
ExitProcess
WriteFile
CreateFileA

shell32

SHGetPathFromIDList
SHGetMalloc
SHBrowseForFolder

Sections

CODE
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.PATCH
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE