181a7903742e423eaca7a5f2da7d4499 | Triage

Sharing

General

Target

181a7903742e423eaca7a5f2da7d4499
Size

355KB
MD5

181a7903742e423eaca7a5f2da7d4499
SHA1

b19a18fd23d97308a55d5f4ff0486047b1a8c471
SHA256

32e5112425cf3a09e29ebd169c236e66027a51fd7503871866a60e54ac9499bd
SHA512

749b02baf7225a04afe73bcd00070f6d3d8eb342afd8500c54e8658cbb12c32354ca789c7ef291da3251e0a294e3930b63c2fef4e109cfc0654ac9a7f4560899
SSDEEP

6144:A7q+DJW79oHNEo3CgC4+lSXhrCutk8RmKXEpltrb+SkVaT45:4qSJWqbShuX1CsnXYltvC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
181a7903742e423eaca7a5f2da7d4499

Files

181a7903742e423eaca7a5f2da7d4499
.exe windows:5 windows x86 arch:x86

a0b31bf26957fefe1028ee5ec56965e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetWindowTextA
DispatchMessageA
WindowFromPoint
BeginPaint
EnableWindow
EndPaint
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage

gdi32

CreateFontIndirectA
DeleteObject
CombineRgn
GetDeviceCaps
CreateColorSpaceA
DeleteColorSpace
GetStockObject
CreateCompatibleBitmap

ole32

ProgIDFromCLSID

kernel32

InitializeCriticalSection
GetPrivateProfileIntA
LeaveCriticalSection
DeleteCriticalSection
GetACP
GetPrivateProfileStringA
GetTickCount
GetLastError
GetFileType
GetStartupInfoA
SetFileAttributesA
EnterCriticalSection
GetEnvironmentStrings
lstrcmpiA
HeapAlloc
HeapCreate
InterlockedDecrement

Sections

.text
Size: 197KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ