12238fbd91346299f1e1c9f4cbd7c7c55c890d6dbd4e8d6e8c45c136b7ecb59bN[.]exe | Triage

Sharing

General

Target

12238fbd91346299f1e1c9f4cbd7c7c55c890d6dbd4e8d6e8c45c136b7ecb59bN.exe
Size

185KB
MD5

cbe87368dbcf1e8029a0ab25661fea50
SHA1

1cc06f474a50b1e162f9aa60c098fe69c3b45e4d
SHA256

12238fbd91346299f1e1c9f4cbd7c7c55c890d6dbd4e8d6e8c45c136b7ecb59b
SHA512

fc36f7ff11c37f86b72ad8942c5e451fef7a787830a4ea4c2203e56a5383a68334949886972a624663744e96fc6ee3f56826343166b7d65726d0590839a39909
SSDEEP

3072:nIYDw69F10RfNvMTqenRvDi3OOk0djGzC/o+ZsFeM+VktbMUNR/YdRRe2dH+gC:Ij6TyMPnRvu3OJCGzCg+Z6eYbMUfWRLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12238fbd91346299f1e1c9f4cbd7c7c55c890d6dbd4e8d6e8c45c136b7ecb59bN.exe

Files

12238fbd91346299f1e1c9f4cbd7c7c55c890d6dbd4e8d6e8c45c136b7ecb59bN.exe
.exe windows:4 windows x86 arch:x86

c67910dea835c03a589fb43f742d7ee9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc

rpcrt4

I_RpcFreeBuffer
UuidCreate

user32

GetDC
DestroyWindow
GetDlgItem
MoveWindow
SendMessageA
EnableWindow
ReleaseDC
GetDlgItemTextA
IsDialogMessageA
WinHelpA
ShowWindow
CreateDialogParamA
IsDlgButtonChecked
GetDialogBaseUnits
CheckDlgButton
IsWindow
SetWindowLongA
SetDlgItemTextA
UnregisterClassA
CharNextA

shlwapi

PathFindExtensionA

kernel32

FlushInstructionCache
TlsAlloc
HeapReAlloc
TerminateProcess
VirtualAlloc
HeapCreate
SetUnhandledExceptionFilter
ExitProcess
VirtualFree
ExitProcess
GetCommandLineA
IsBadWritePtr
GetProcAddress
SetLocaleInfoW
SetLastError
RtlUnwind
GetSystemInfo
VirtualQuery
HeapDestroy
VirtualProtect

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ