072e221f69db20e1961217f3d04212e1f50a91dca81df22a737a15af575ba729N | Triage

Sharing

General

Target

072e221f69db20e1961217f3d04212e1f50a91dca81df22a737a15af575ba729N
Size

635KB
MD5

f9e23e1554032b63a4c6cea4c70a0530
SHA1

5a301d9f4b45527b480060b682c1f698f0454c05
SHA256

072e221f69db20e1961217f3d04212e1f50a91dca81df22a737a15af575ba729
SHA512

6c673b96c79694aefe0228d225421c3e4fe185a33415998c121ac25a01ccb56977d4cd0e9da9a16754a681e536e2392a0f7a6229f8ba31dd5eb454a74eded96a
SSDEEP

12288:Dyxm9RgL/ze31xHMoOEK1ahFWw+dNzs6zD4ZljMa8xHOo0cnqd40kOi7PN:uYj8e7so9KKFWw+PsyBco0cn5NN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
072e221f69db20e1961217f3d04212e1f50a91dca81df22a737a15af575ba729N

Files

072e221f69db20e1961217f3d04212e1f50a91dca81df22a737a15af575ba729N
.exe windows:4 windows x86 arch:x86

e132a869e006908a33cfe5696fdeae33

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
SetErrorMode
LoadLibraryExA
GetLastError
GetDriveTypeA
GlobalFree
GetStdHandle
HeapCreate
EnterCriticalSection
CloseHandle
GlobalUnlock
FileTimeToLocalFileTime
GlobalDeleteAtom
GetACP
SetConsoleOutputCP
GlobalAddAtomA
GetLocaleInfoA
Sleep
InterlockedExchange
RaiseException
LockResource

user32

ShowWindow
GetActiveWindow
IsIconic
ClipCursor
GetMenuItemInfoA
BeginPaint
GetParent
DrawTextA
GetCursorPos
ReleaseDC
EndPaint
ValidateRect
GetWindow
DrawEdge
SetForegroundWindow
OemToCharW
GetFocus
GetWindowTextA
GetClassNameA

httpapi

HttpCreateHttpHandle
HttpTerminate
HttpAddUrl
HttpInitialize
HttpRemoveUrl

msutb

GetPopupTipbar

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ