194d5cc084a3f9629f72da07ec19ab91 | Triage

Sharing

General

Target

194d5cc084a3f9629f72da07ec19ab91
Size

92KB
MD5

194d5cc084a3f9629f72da07ec19ab91
SHA1

27c4d6ee2b4dd7b5c0d82196760e92bb92a3fe09
SHA256

47bde3a130aa27fc19019640fb89620177b0f9edec96d256f13e02373c41912c
SHA512

a053344f3e24204163c6d2b51b837fb4ef4837a79a8e0ca2339bb24e17c20d5ca45befafa3c287d0b890d9fa114468c712a3791513c041d4eeed78d4b69524b8
SSDEEP

1536:34OO8bL02F74kFZrw11NR/XuSv8AaCl8TeF+fHguYC/CqUvBVWw2Pe4pQ5bWQ3xg:39EvNVl8TL/9L/rUvuw2GEkBfZpTfndm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
194d5cc084a3f9629f72da07ec19ab91

Files

194d5cc084a3f9629f72da07ec19ab91
.exe windows:4 windows x86 arch:x86

fe30a4d553fcd8172b1e0b2843b8b14b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
FindAtomA
CreateEventW
GetConsoleAliasA
LocalFree
GetModuleHandleA
GetCurrentProcessId
ResumeThread
HeapCreate
GetCurrentThreadId
LocalFlags
ReadFile
GetNumberFormatA
EnumCalendarInfoA
TlsGetValue
lstrlenW
FindClose
GetPrivateProfileStringA
EnterCriticalSection
SetLastError

user32

GetKeyboardType
GetKeyState
GetCursorInfo
GetClientRect
DispatchMessageA
DispatchMessageA
CallWindowProcW
GetSysColor
GetClassInfoA
IsWindow
GetMenuInfo
DrawTextA
SetFocus

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ