310eed7770dbc17187cafe3f0185bccded139aed2d65316c1af2f64c2b2cc21aN | Triage

Sharing

General

Target

310eed7770dbc17187cafe3f0185bccded139aed2d65316c1af2f64c2b2cc21aN
Size

316KB
MD5

f7acbfdd159d677589ef285c5c67dc10
SHA1

1cb830dc65883c77ece63c0b4c527155f681444c
SHA256

310eed7770dbc17187cafe3f0185bccded139aed2d65316c1af2f64c2b2cc21a
SHA512

64d7bb7e7313a509c33e2f56b9a8d614121a6e23b0195bc22af4fd782726a0d00cd8769943b0b736b6e6d07062528a06f8012845704392643c6008f40cd0ec0f
SSDEEP

6144:whgMbyt+/lFO7UXdj5hcD28Ek5k+6GGv+H1wpZnjZr0J/x:whgxtAA70R5uq89H6EHe3pUx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
310eed7770dbc17187cafe3f0185bccded139aed2d65316c1af2f64c2b2cc21aN

Files

310eed7770dbc17187cafe3f0185bccded139aed2d65316c1af2f64c2b2cc21aN
.exe windows:4 windows x86 arch:x86

b6baf7adcf1e4ca5b038036c511cdeca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExpandedNameA
GetEnvironmentStringsA
GetModuleHandleA
GetCurrentProcess
GetThreadPriority
InterlockedExchange
WriteConsoleA
GetCurrentProcessId
IsDebuggerPresent
FormatMessageA
GetACP
GetTimeFormatA
DeleteAtom
GetStdHandle
HeapCreate
LoadLibraryA
VirtualProtect
HeapDestroy
FlushFileBuffers
GetCurrentThread
OpenSemaphoreA

user32

ReleaseDC
BeginPaint
SetActiveWindow
GetWindow
GetClassNameA
GetCursorPos
wsprintfA
GetParent
ValidateRgn
GetWindowTextLengthA
IsIconic
FillRect
GetDlgItem
SetForegroundWindow
DrawTextA
EndPaint
FrameRect
ShowWindow
GetFocus

linkinfo

IsValidLinkInfo
ResolveLinkInfoA
GetCanonicalPathInfoA
GetLinkInfoData
DestroyLinkInfo

version

GetFileVersionInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ