Static task: static1
Behavioral task: behavioral1
Sample: 15ad3951b8be7ec89ecb6e4e9a9094d2.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 15ad3951b8be7ec89ecb6e4e9a9094d2.exe
Resource: win10v2004-20231215-en
General
Target: 15ad3951b8be7ec89ecb6e4e9a9094d2
Size: 177KB
MD5: 15ad3951b8be7ec89ecb6e4e9a9094d2
SHA1: 4770a7555a329df601cecb45450898b8d3ba5c03
SHA256: 7833c5e356cab43411003d64d5ebc6c5612582d7bfb3bf2326d40e7a5f6f3a3c
SHA512: 630094dd4cfde8a40daff9181a72a46dd7fe9f7c5a08d4db615812db7a062fbcffc00eac808563ba010021b20f40502531cfe26ac2a0fff7480e44b5e2e860e4
SSDEEP: 3072:a3m8K05p07djqlcH2tFRZnuHFz40rXMUEZV2nq/ZsHxc3I9lBsC2lav4lG7niy7X:aY05pMqKOLUp4wXMNaq/Y2Qtv4lG7Z84
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
Resource: 15ad3951b8be7ec89ecb6e4e9a9094d2
Files
15ad3951b8be7ec89ecb6e4e9a9094d2.exe windows:4 windows x86 arch:x86
448e4c37bb1d2f6daa280e234d6bef6b
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleA
GetAtomNameW
SetFilePointer
GetDateFormatA
GetTimeFormatA
TlsAlloc
GetCPInfo
VirtualAlloc
HeapReAlloc
TlsGetValue
RtlUnwind
TlsSetValue
IsValidCodePage
EnumResourceNamesA
GetConsoleOutputCP
GetLocaleInfoA
MultiByteToWideChar
EnumSystemCodePagesA
SetStdHandle
GetACP
HeapSize
GetOEMCP
RaiseException
shell32
SHGetDataFromIDListW
SHGetFileInfoW
ShellExecuteW
SHGetDesktopFolder
SHBrowseForFolderW
SHAppBarMessage
DragAcceptFiles
SHGetSpecialFolderLocation
ShellExecuteExW
SHGetPathFromIDListW
SHGetMalloc
Shell_NotifyIconW
occache
FindControlClose
Sections
.text Size: 88KB - Virtual size: 476KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 85KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ