Static task: static1
Behavioral task: behavioral1
Sample: 0205693c4449bc891b486b2abd821704.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 0205693c4449bc891b486b2abd821704.exe
Resource: win10v2004-20231215-en
General
Target: 0205693c4449bc891b486b2abd821704
Size: 72KB
MD5: 0205693c4449bc891b486b2abd821704
SHA1: 7297ef7389250e2b154eac07b242f73998817886
SHA256: c261167dd67fffd52dabdcd81fe63b0de81e94e5ede973cbf991af5d4be6ce3e
SHA512: 9b350b0b3a3ff897ae82dfc245383eb496f0f824aece580ee152a20025aae60d18f5a4a9ff3ec1350e8806da8cb503f3df95d5a19806485ee58b3d9675c01061
SSDEEP: 1536:2ulCMv5azUWYNr2nKE1WalJ+/I0g1gSbuuX03yRn82a1:J5cU3innIaHYSbuuX03yRnJa1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0205693c4449bc891b486b2abd821704
Files
0205693c4449bc891b486b2abd821704.exe windows:4 windows x86 arch:x86
4c71c87fe9fb867db37651f9a34222b8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CompareStringW
DeleteFileA
ExitProcess
FileTimeToLocalFileTime
FreeEnvironmentStringsA
GetACP
GetCommandLineA
GetCurrentProcessId
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemInfo
GetUserDefaultLCID
GetVersionExA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
MultiByteToWideChar
RtlUnwind
SetFilePointer
SetLastError
SetUnhandledExceptionFilter
user32
GetWindowPlacement
GetMessageA
GetClientRect
shlwapi
PathMakePrettyW
PathIsRootA
PathGetArgsA
ColorAdjustLuma
PathAddBackslashA
advapi32
RegisterEventSourceA
QueryServiceConfig2A
GetSidSubAuthority
olepro32
OleLoadPicture
OleCreatePropertyFrameIndirect
Sections
.text Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ