db4adc3305906fae4c686c0cc2beb45197029cde4c7e665a23aada697a56dac5N[.]exe | Triage

Sharing

General

Target

db4adc3305906fae4c686c0cc2beb45197029cde4c7e665a23aada697a56dac5N.exe
Size

114KB
MD5

7831193640944b5faecb74b6019b9770
SHA1

0c5cc931445087ad4c5d5b5d4b11e490e12eb4b4
SHA256

db4adc3305906fae4c686c0cc2beb45197029cde4c7e665a23aada697a56dac5
SHA512

80bb7c1fb4a522482618d7f1263cedc34a59c90496287612fc8d9ae8ed1abdcc41147ad8d4102bd2276f377481e637059d83872100590f3953d250bde7f607c6
SSDEEP

3072:LcN+zAVSlAUXEdge4+GKwWjx34Zo+7l3:uTVSlDAge4UwWd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
db4adc3305906fae4c686c0cc2beb45197029cde4c7e665a23aada697a56dac5N.exe

Files

db4adc3305906fae4c686c0cc2beb45197029cde4c7e665a23aada697a56dac5N.exe
.exe windows:4 windows x86 arch:x86

3d38256fce967372119b4c50357ea61b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

HeapCreate
IsBadStringPtrA
GetFileTime
GetCurrentDirectoryA
WriteConsoleW
GetFileSize
SetPriorityClass
IsValidLocale
lstrlenW
GetFileAttributesA
ReadFile
GetLastError
IsBadCodePtr
lstrcpyW
FindResourceA
GetModuleHandleA
WriteConsoleW
CloseHandle
WriteConsoleW
GetStartupInfoA
ReleaseMutex

msftedit

RichComboBoxWndProc
RichEditWndProc
RichListBoxWndProc
SetCustomTextOutHandlerEx

shell32

ShellMessageBoxW
DuplicateIcon
SHGetMalloc
SHGetFolderPathA
ExtractIconW
ShellAboutA
SHGetFileInfoA
ShellAboutA
FreeIconList
ShellMessageBoxW
DragQueryFileA
DragAcceptFiles
StrChrA

msasn1

ASN1BERDecEoid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 103KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 1024B - Virtual size: 67B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE