0937549eea7e2a8a01e36dba9e25c90b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0937549eea7e2a8a01e36dba9e25c90b
Size

415KB
MD5

0937549eea7e2a8a01e36dba9e25c90b
SHA1

215144793b589e9c7f83e39511f1cad5b8cb02df
SHA256

e11d3013995ae4b78fe1ef71b7c4303a4095990f966a23ecc3e5fae648115a21
SHA512

4672cf74e06799362a4e621e7012dcc2fda385533b30abd563c8451b075c231ea42314d02c3d7d5ca0bc6ed72563b0f061ec63f89b26b99775ac59fa6105adac
SSDEEP

6144:v6b2I7dBJY+l8EAnddMJfnDnDYiktjAg2SDj2uqLUITtjtz:v6qIprYLsr0iktjrpDSFJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0937549eea7e2a8a01e36dba9e25c90b

Files

0937549eea7e2a8a01e36dba9e25c90b
.exe windows:4 windows x86 arch:x86

e05cea7e61162f69dda0bafce8433ad1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomA
VirtualProtect
EnterCriticalSection
GetStdHandle
GlobalFree
Sleep
RaiseException
HeapCreate
GetSystemDirectoryA
GetLastError
GetLogicalDrives
GetCommandLineA
LoadLibraryExA
GlobalAddAtomA
GetACP
InterlockedExchange
LockResource
CloseHandle
SetErrorMode
GetFileAttributesExA
GetLocaleInfoA

user32

GetWindow
GetCursorPos
GetActiveWindow
FlashWindowEx
DrawTextA
GetFocus
ShowWindow
FillRect
FrameRect
wsprintfA
SetForegroundWindow
ValidateRect
IsIconic
GetClassNameA
EndPaint
GetWindowTextA
GetParent
ReleaseDC
BeginPaint

httpapi

HttpAddFragmentToCache
HttpCreateHttpHandle
HttpAddUrl
HttpTerminate
HttpInitialize

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ