136c227251affdaf4c380c5a75677642 | Triage

Sharing

General

Target

136c227251affdaf4c380c5a75677642
Size

111KB
MD5

136c227251affdaf4c380c5a75677642
SHA1

0d88ea8e0e31bd55889a0e1f4ca7572698ffded4
SHA256

a1ae6393e7a03451837298652edffe206138570e5b67b29677fed624c563296a
SHA512

7a7f96f621bc8b391dcdc15d6c77789a87589926721c219c2ba04e9c8ac8f76310b7504ee84c62a71159ca12aba76928524ba957c9457af565af1172eb45a056
SSDEEP

1536:lz0FiAmV27inmrPw6vo4CKPSRoPpCoOsbR7kD+7aty4lYLKIwI+:CFGHSTaKKRabJkD+mpCLK/r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
136c227251affdaf4c380c5a75677642

Files

136c227251affdaf4c380c5a75677642
.exe windows:4 windows x86 arch:x86

a0ae966a35d96e9a9a14d50f4865f856

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA

gdi32

BitBlt
SetBkColor
GetPixel
SelectObject
CreatePalette

ole32

CoReleaseMarshalData
CoTaskMemFree
OleRun
CoDisconnectObject
CoFreeUnusedLibraries

version

VerInstallFileA
VerQueryValueA
VerFindFileA

shell32

SHGetDesktopFolder
SHGetDiskFreeSpaceA
Shell_NotifyIconA
DragQueryFileA
SHGetFileInfoA

comctl32

ImageList_Destroy
ImageList_GetBkColor
ImageList_Create
ImageList_Write

comdlg32

FindTextA
GetOpenFileNameA

kernel32

GetModuleHandleA
GetOEMCP
VirtualAllocEx
ExitProcess
GetCommandLineA
GetProcAddress

oleaut32

SafeArrayGetUBound
GetErrorInfo

user32

GetCursor
CharNextA
IsWindowEnabled
GetSysColorBrush
MessageBoxA
GetActiveWindow
SetWindowPlacement
IntersectRect

shlwapi

SHQueryInfoKeyA
SHDeleteValueA
SHSetValueA
SHDeleteKeyA
SHStrDupA

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 587B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 82KB - Virtual size: 81KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ