0936ca49dcf5ccb087575d9933a33011 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0936ca49dcf5ccb087575d9933a33011
Size

89KB
MD5

0936ca49dcf5ccb087575d9933a33011
SHA1

2b4336dec97bd898dbe4772e3a9bdb4a69fd553d
SHA256

425a2c998bc41be504005609300eaacb109a88f6ef29b92a79461554095698cb
SHA512

8289528b3d7ed498036e103c3b66e6fe01f611a0c10fbc9f3942f32e4e724a0cce0fc9f5a379be9f32a66724eb28df337a031d28b02cb21c1382e2231a22dc28
SSDEEP

768:6Ln2mXHRwnlkKPJU/V4Uk1AW4sfILv0rHyIJ/vP59+CwbCVMB4WkbTY:YNmpP+/ZKzfrHNPT+CwbCFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0936ca49dcf5ccb087575d9933a33011

Files

0936ca49dcf5ccb087575d9933a33011
.exe windows:4 windows x86 arch:x86

76485263cf4d481094c652c5fda661ae

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CloseHandle
SetEvent
ReleaseMutex
GetModuleHandleA
GetLastError
CreateThread
FindClose
SearchPathA
lstrlenA
VirtualProtect
FindVolumeClose
DeleteCriticalSection
FindResourceExA
ExitProcess
TlsGetValue
GetCalendarInfoA
Sleep
GetDiskFreeSpaceA
FindAtomA

user32

GetScrollBarInfo
EndDialog
CopyImage
DispatchMessageA
GetUpdateRect
EnableWindow
CreateWindowExA
DialogBoxParamA
CreateMenu
IsIconic
GetMessageA
GetKeyState
CloseWindow
DragDetect

msdmo

DMOGetName
DMORegister
DMOUnregister
DMOGetTypes
DMOEnum

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE