322269c754b762b5dac7d6f3348edc607d4ebc59399db6f278b0b60b84854f83[.]exe | Triage

Sharing

General

Target

322269c754b762b5dac7d6f3348edc607d4ebc59399db6f278b0b60b84854f83.exe
Size

185KB
MD5

bcf07821abb35f58f330aa3e4ca1ecfc
SHA1

161ae0ba605d571cb54a4a0b63d9ace87aa1cfc4
SHA256

322269c754b762b5dac7d6f3348edc607d4ebc59399db6f278b0b60b84854f83
SHA512

9f891fdc16916f9843207b53d12b01ecbf3f775bc10f67d6faf8b248330a92a88e04131c96537baa92f445053294f179862dc6f2522110219bf3e4934e2be26e
SSDEEP

3072:nIYDw69F10RfNvMTqenRvDi3OOk0djGzC/o+ZsFeM+VktbMUNR/YdRRe2dH+gCg:Ij6TyMPnRvu3OJCGzCg+Z6eYbMUfWRLp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
322269c754b762b5dac7d6f3348edc607d4ebc59399db6f278b0b60b84854f83.exe

Files

322269c754b762b5dac7d6f3348edc607d4ebc59399db6f278b0b60b84854f83.exe
.exe windows:4 windows x86 arch:x86

c67910dea835c03a589fb43f742d7ee9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

rpcrt4

I_RpcFreeBuffer
UuidCreate

user32

GetDC
DestroyWindow
GetDlgItem
MoveWindow
SendMessageA
EnableWindow
ReleaseDC
GetDlgItemTextA
IsDialogMessageA
WinHelpA
ShowWindow
CreateDialogParamA
IsDlgButtonChecked
GetDialogBaseUnits
CheckDlgButton
IsWindow
SetWindowLongA
SetDlgItemTextA
UnregisterClassA
CharNextA

shlwapi

PathFindExtensionA

kernel32

FlushInstructionCache
TlsAlloc
HeapReAlloc
TerminateProcess
VirtualAlloc
HeapCreate
SetUnhandledExceptionFilter
ExitProcess
VirtualFree
ExitProcess
GetCommandLineA
IsBadWritePtr
GetProcAddress
SetLocaleInfoW
SetLastError
RtlUnwind
GetSystemInfo
VirtualQuery
HeapDestroy
VirtualProtect

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ