10a6cb1331e9d653c8a8a6c108562e94 | Triage

Sharing

General

Target

10a6cb1331e9d653c8a8a6c108562e94
Size

146KB
MD5

10a6cb1331e9d653c8a8a6c108562e94
SHA1

19cfafc6f0cd6f8e233933a5fda1f9c084bb361d
SHA256

e8f284e9ec942ef46a5d0e90aacb9cee827acfa9efe0fd84e533aa691e982e49
SHA512

e0acdc2e68f22c2a2f7f2b59ba8ff0a4ad7ae0df3ba6b843cfa11fdb89807f1d2585dd0eebadfd310bf200882b3b35fde0f9805500345960b4f4ecaedc77feaf
SSDEEP

3072:rjBIAlMXRNrSqd/g2F2ZQX03eUhxv1RRZ:rSAlMBhbW2F2ZQX0lhx9R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10a6cb1331e9d653c8a8a6c108562e94

Files

10a6cb1331e9d653c8a8a6c108562e94
.exe windows:1 windows x86 arch:x86

3c160b0686d947fa1783c7039cceb217

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess

user32

GetKeyboardType
WindowFromPoint

advapi32

RegQueryValueExA
RegQueryValueExA

oleaut32

VariantChangeTypeEx

gdi32

UnrealizeObject

Sections

pec1
Size: 132KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE