7e3d5c8fcb9be609e89c2f1b8eec3d3f56613dc9288593e8757d209bec0b0824 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7e3d5c8fcb9be609e89c2f1b8eec3d3f56613dc9288593e8757d209bec0b0824
Size

315KB
MD5

846f2b033b1de88a9a3bf271ba81c798
SHA1

78b2d4c15df148a3e5ed62d66e7d3d4d8bf16bf4
SHA256

7e3d5c8fcb9be609e89c2f1b8eec3d3f56613dc9288593e8757d209bec0b0824
SHA512

5989ee34e976fdc872c607892278161e0d9e9179a46fd6bb1a68dd9bcd935f3abb21ae865250a769c02a5a9da13a669b22f3160ff60a980e63a01d9f3f018ec2
SSDEEP

6144:iseIEfYwXCIq6BU5l8iHtDprW7e6AabtisH9fETmQrW/kYo/dTjLKI5pu0:eIuYCC20l8atDtW1vvHaTliknlRu0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e3d5c8fcb9be609e89c2f1b8eec3d3f56613dc9288593e8757d209bec0b0824

Files

7e3d5c8fcb9be609e89c2f1b8eec3d3f56613dc9288593e8757d209bec0b0824
.exe windows:4 windows x86 arch:x86

28dd7702b5f4376b5ca831890381d265

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
HeapCreate
LoadLibraryExA
ReleaseMutex
ResetEvent
EnterCriticalSection
InterlockedExchange
RemoveDirectoryA
FindClose
GetLastError
SetErrorMode
FindFirstFileExA
SetEvent
RaiseException
Sleep
GetSystemDirectoryA
GlobalFree
GetCommandLineA
GetLocaleInfoA
GetStdHandle
GetACP

user32

SetForegroundWindow
DrawTextA
FillRect
IsIconic
GetClassNameA
GetWindowTextA
GetWindow
FrameRect
wsprintfA
ShowWindow
ValidateRect
EndPaint
BeginPaint
GetCursorPos
ReleaseDC
GetFocus
GetActiveWindow
GetParent
FlashWindowEx

dnsapi

DnsApiFree
DnsApiAlloc
DnsStatusString
DnsFree
DnsApiRealloc

clbcatq

CoRegCleanup

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ