111732374b68c450c024af1917fed44e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

111732374b68c450c024af1917fed44e
Size

123KB
MD5

111732374b68c450c024af1917fed44e
SHA1

5d04b4862cde3f9dc6c8998b8bc01f8633c8129f
SHA256

a01881fdd3bc40d04fe5b00832277db4a2ac8adbae2cf47a1844a16a9201233c
SHA512

af7ea0b433828c642b78ec23913a6607b58723b152b982a0917e1a756eb7580c8f96f9a4291b4da8f8c52a4af8430515d362da633164514c2ce033f02fd65077
SSDEEP

1536:hltoqas2OnOEixwl4Lns1IhzH/IDD8IN96qbKINPlIGp82w42dI0IljyHwEL/cZx:r39ixwyaIVs3Eqe6IGvh2pIlj8bcfa4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
111732374b68c450c024af1917fed44e

Files

111732374b68c450c024af1917fed44e
.exe windows:4 windows x86 arch:x86

977239746c70d5f39f4af0285c2170c4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreatePopupMenu
FrameRect
GetCursor
FindWindowA
GetDesktopWindow
GetCapture
GetMenu
GetActiveWindow

kernel32

DeleteCriticalSection
FindClose
ExitProcess
LoadLibraryA
VirtualAllocEx
EnumCalendarInfoA
GlobalAlloc

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegEnumKeyA

shell32

SHGetFolderPathA
Shell_NotifyIconW
Shell_NotifyIconA

Exports

Exports

j447AFZ@8
PtUAKyZ
_pesIl
5gtzAXd
_d89OYpeD7nIEl
_3yGNTDViB0Ix@20
_tlZlD
_6CVHK4U@12
h7KdnJQVy
_0kOJzakZhVdJp
LDy4yuLR6A3XiF

Sections

CODE
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 97KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 690B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tidata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ