de270991cbdba29b173dd5eb403d525d9b40e291bb15958ff3428be798076393 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de270991cbdba29b173dd5eb403d525d9b40e291bb15958ff3428be798076393
Size

41KB
MD5

876a780763116d177496d8fa4faa5a60
SHA1

8f906a7863bd2a670980c8e17667b8388421d42f
SHA256

de270991cbdba29b173dd5eb403d525d9b40e291bb15958ff3428be798076393
SHA512

28e05cb13bdd3a8513302f64f3e6d4597c00315fe7cab31a90280fbe586ceeaaeba5fd63bdc5c9842fe183e95bac4e1e18a85e64ca6d9486ae0931872532072a
SSDEEP

768:swg9aYfQkXdmCdMimsENm4QctLEF+Bx+/C:sR0QQwndcsE0vGgC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de270991cbdba29b173dd5eb403d525d9b40e291bb15958ff3428be798076393

Files

de270991cbdba29b173dd5eb403d525d9b40e291bb15958ff3428be798076393
.exe windows:5 windows x86 arch:x86

40cfd28337d574135a64316bfef4f77d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
CreateSemaphoreA
GetProcAddress
HeapCreate
HeapAlloc
ExitProcess
FreeLibrary

user32

CreateWindowExA
GetMessageA
DispatchMessageA
DefWindowProcA
PostQuitMessage
LoadIconA
LoadCursorA
RegisterClassA

winmm

mciSendStringA

msacm32

acmStreamOpen

Sections

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 983B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ