0e41bd69ce4ee426c61ed64ee744fde8 | Triage

Sharing

General

Target

0e41bd69ce4ee426c61ed64ee744fde8
Size

22KB
MD5

0e41bd69ce4ee426c61ed64ee744fde8
SHA1

5c974f1a3de8b311dec5b28ed3c968d230fd4ca9
SHA256

7b9178f8a6ff9a1a4f525ba7f1d4421e354a11a394c5e7180893a3001ddc2799
SHA512

2d7ab410d18255343575c574ad7665ebbf8004af3f9634ec4caedf9cd885b2d9ddaffc1bcaf6f5aff00b70ce7771fee410f253fd315c0537a4f442ce2ff34b1a
SSDEEP

384:KIxJnvTcmBZ0FZcX7ckfwhNaBU5pArV1tGcqej9I1rjA8OPK9AzaOFi:KUJnvTjBZ0jcXIAkE4mV1tKPrMPK9ANF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e41bd69ce4ee426c61ed64ee744fde8

Files

0e41bd69ce4ee426c61ed64ee744fde8
.exe windows:4 windows x86 arch:x86

8879d5abc2afad37994202e61a809d92

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

GetStartupInfoA

user32

UpdateWindow
GetSystemMetrics
RegisterClassA
LoadCursorA
PostQuitMessage
LoadImageA
ReleaseDC
GetDCEx
WaitMessage

gdi32

CreateCompatibleBitmap
CreateRectRgnIndirect
DeleteObject
GetStockObject
GetObjectA

msvcp60

??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
??9std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@PBD@Z
?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z

msvcrt

strlen
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
_onexit
__dllonexit
memmove
memset
getenv
memcpy
??2@YAPAXI@Z
atoi
_except_handler3
rand
sprintf
_controlfp

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ