24d81af0e1c2c2437236f2fa1423efcee0c7f8e334dac5cf60ed4f78e10b3ac5N | Triage

Sharing

General

Target

24d81af0e1c2c2437236f2fa1423efcee0c7f8e334dac5cf60ed4f78e10b3ac5N
Size

63KB
MD5

03ecea5f8fa65d4f8cc44df4f3d243a0
SHA1

7f3c13d69a9167df4e2d9a08180cc0c0cee40b30
SHA256

24d81af0e1c2c2437236f2fa1423efcee0c7f8e334dac5cf60ed4f78e10b3ac5
SHA512

782a3a628d2fec98a1c37a982123be9bc810e7192f56e70e0ce8875b213d25e49ebb7a048a69a27d11bdb3c222a5a50c51066f231eaefe2af064c8f988fd90a7
SSDEEP

1536:fARqt2XId+Ny0Ue1n3wQw+p9gufZf3gPZ4cTvoN/njcxrwi:fAGdSdU0nAQwvOiPqcTvg/Ihl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24d81af0e1c2c2437236f2fa1423efcee0c7f8e334dac5cf60ed4f78e10b3ac5N

Files

24d81af0e1c2c2437236f2fa1423efcee0c7f8e334dac5cf60ed4f78e10b3ac5N
.exe windows:5 windows x86 arch:x86

12fea5c1a5eb58df5bf2950ef91b6c8b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

Sleep
HeapDestroy
WriteConsoleW
DeleteFileA
CancelIo
lstrlenW
CopyFileA
HeapSize
GetStartupInfoA
GetDriveTypeW
LoadLibraryW
GetProcessHeap
GetFileAttributesA
GetCommandLineA
WriteConsoleW
WriteConsoleW
AddAtomW
SetEvent
VirtualProtect
lstrcpyA
GetPrivateProfileSectionW

mmcndmgr

DllRegisterServer
DllCanUnloadNow
DllGetClassObject
DllRegisterServer

dsprop

MsgBox
MsgBox
CheckADsError
ReportError
FindSheet
FindSheet
MsgBox
ErrMsg
CheckADsError
ErrMsg
FindSheet
ReportError
ErrMsg

Sections

.text
Size: 1024B - Virtual size: 780B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 12KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 274B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE