14eab2ef847d07978b5a8f44ce4285b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14eab2ef847d07978b5a8f44ce4285b0
Size

165KB
MD5

14eab2ef847d07978b5a8f44ce4285b0
SHA1

2840098bdb14196aad9ea87a46dfb88ffaf38688
SHA256

45d82b125a100ff0b966f325ed7bbb8a957af850cf72f52ea3ddb4be425f4757
SHA512

88c094c211df6ad2078d2f2adc2eae79f4ba18d48005847f13482abbf9e77e00da13607bba9091ce6be640db86852009411923456ed215a5a573e3bd5dc47121
SSDEEP

3072:b52l1ZV/EUBbe5Jarj8/rgso/V9EoFocD7pIGUhaepigRhOTMUqeLNY:tkxEuSgw/Mso/DEG7dUUObhOTZqeL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14eab2ef847d07978b5a8f44ce4285b0

Files

14eab2ef847d07978b5a8f44ce4285b0
.exe windows:4 windows x86 arch:x86

994e251ee7ba1e8c772a04153a9e6c67

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
GetPrivateProfileStringW
LockResource
GetModuleFileNameW
FindClose
GetVersionExW
InitializeCriticalSection
DeleteCriticalSection
GetVersionExA
GetProcAddress
GetPrivateProfileIntW
GlobalSize
FindFirstFileW
GetModuleHandleW
LoadLibraryW
EnumResourceTypesW
FreeLibrary
GetDllDirectoryW
WritePrivateProfileStringW
LoadResource
MultiByteToWideChar
lstrlenW
MulDiv
GetTickCount
LoadLibraryA
Sleep
GetLocaleInfoW

ole32

CoTaskMemFree
CoTaskMemAlloc
CoUninitialize

shell32

DllGetVersion
ShellExecuteW
ShellExecuteExA
SHFileOperationW
CommandLineToArgvW
SHGetFileInfoA
ShellExecuteExW
SHGetPathFromIDListA
SHBrowseForFolderA
Shell_NotifyIconA

Sections

.text
Size: 81KB - Virtual size: 81KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ