Static task: static1
Behavioral task: behavioral1
Sample: 19c64b166b9b9a71919c9b851d8618e9.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 19c64b166b9b9a71919c9b851d8618e9.exe
Resource: win10v2004-20231215-en
General
Target: 19c64b166b9b9a71919c9b851d8618e9
Size: 816KB
MD5: 19c64b166b9b9a71919c9b851d8618e9
SHA1: 610e349d4351874217610f99099b67654a1ed106
SHA256: d0030a6552db7b9b081b8a6cd988c715c6a74202d853f41055bbff15c59fad8b
SHA512: 8136c4cc57f4178822555f19db0801e84d6f280c445cb01e8c66d563509dc5657a13f8613215691f0ac09aeea8e020e2e3d4aa9c8603cac45609c0f492995426
SSDEEP: 24576:VY9XkW8CHwD268D5grjyBBUUYtws56FbrgaP3Q7RZ6Kf:qGtfD09NB3s565r/P3Q7WK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 19c64b166b9b9a71919c9b851d8618e9
Files
19c64b166b9b9a71919c9b851d8618e9.exe windows:4 windows x86 arch:x86
b5f9537fd96a80385af73c0c8c402239
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
_initterm
_errno
_unlock
__dllonexit
_jn
_lock
_onexit
swscanf
memset
_vsnprintf
_CxxThrowException
towlower
?what@exception@@UBEPBDXZ
??0exception@@QAE@ABQBD@Z
toupper
iswctype
wcsrchr
memcpy
kernel32
GetProcessHeaps
HeapCreate
HeapSize
GetStdHandle
HeapValidate
HeapReAlloc
HeapDestroy
SwitchToThread
DeleteTimerQueueTimer
TryEnterCriticalSection
InitializeCriticalSection
LocalFileTimeToFileTime
SystemTimeToFileTime
CompareFileTime
gdiplus
GdipGetImageThumbnail
GdipCloneImage
GdipDrawImageRectI
Sections
.text Size: 554KB - Virtual size: 553KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 992B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 245KB - Virtual size: 244KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ