20a17222a9929b37ab465295bba3d0ac | Triage

Sharing

General

Target

20a17222a9929b37ab465295bba3d0ac
Size

192KB
MD5

20a17222a9929b37ab465295bba3d0ac
SHA1

31ed2e583df325fe5f30607223fdac1cb20d0340
SHA256

7730cf7e264cbea83aed455910bb751329d5b23e27ae42597674e79d03e2d1ab
SHA512

8057eeb05e51f75194f839246c8937faee94286eb7647be33d77e7b1eda75ac9e33b5576bddcb441d88abf030248a04caa92046fec8635bcd8bb408b1ecba8cb
SSDEEP

6144:nDsXYYJsgYblrJ4qpRjvvHa9nfNplT0Xm:DsXr2gKrJ48jPaLplTv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20a17222a9929b37ab465295bba3d0ac

Files

20a17222a9929b37ab465295bba3d0ac
.exe windows:4 windows x86 arch:x86

75586d78d4032a31555b4fc7d5f0ad97

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
GetModuleHandleA

user32

EnableWindow

comdlg32

GetSaveFileNameA

shell32

DragAcceptFiles

msvcrt

_makepath

shlwapi

PathAddBackslashA

comctl32

InitCommonControlsEx

version

VerQueryValueA

psapi

GetModuleInformation

Sections

.text
Size: 170KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.mapo
Size: 16KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE