Static task
static1
Behavioral task
behavioral1
Sample
11a73e92abda63441b770d350c5b1607.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
11a73e92abda63441b770d350c5b1607.exe
Resource
win10v2004-20231222-en
General
Target
11a73e92abda63441b770d350c5b1607
Size
58KB
MD5
11a73e92abda63441b770d350c5b1607
SHA1
e7cf35bac96dabf03894283c73ea96872597f7b1
SHA256
cab4edff3dfee7b58936f9e01a1d06ab944b58bdc9a6442cff6f2625267d3817
SHA512
4d85ddb115a99802c0ca04d6077f59d6810caf466c941af76cd4cd48c0608555f76dc5ff8cc38e3013b1ac197d28c320c014641b0db80999b19bb29c8de38cf7
SSDEEP
1536:dhk+fFlM3uFqYZdQjxBP52N4yJIbYEp3qMtjqMqMjqMqlqMn:dJMaZdo2NjJAYEpG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11a73e92abda63441b770d350c5b1607
Files
11a73e92abda63441b770d350c5b1607.exe windows:5 windows x86 arch:x86
99bee05d2ccc28f69df8f57e4c5919c8
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenA
GetTickCount
lstrcpyA
GetVersion
GetTempPathA
GetLastError
CloseHandle
WriteFile
CreateFileA
lstrcatA
GetLocalTime
lstrcpynA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
LoadLibraryA
GetTempFileNameA
CreateMutexA
OpenMutexA
ExitProcess
GetSystemTime
lstrcmpA
FindAtomA
GetCommandLineA
RtlUnwind
VirtualQuery
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
user32
ClientToScreen
EqualRect
GetCursorPos
IsWindowVisible
GetCaretPos
InflateRect
GetWindowRect
GetFocus
wsprintfA
shlwapi
SHGetValueA
Sections
.text Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE