15b57d61e137e96d70cce644541adb9d | Triage

Sharing

General

Target

15b57d61e137e96d70cce644541adb9d
Size

317KB
MD5

15b57d61e137e96d70cce644541adb9d
SHA1

943909ba5496f7a8b3faffca9d3ed061cec7311b
SHA256

7e99ebd5da7523d1d5a2511870560220cdc280acaab8a1e2c0f62344a86ab684
SHA512

96c2b492a25780007845fd6663b130aec270f4bda34ce3fb2cf7aa231712d1ff47e4e207ffc2cd627c4d41dab07ffe09e4954cc1d6a61b72ee2bf98ad5f9031d
SSDEEP

6144:WEFp3eC/4nXA13lwjbjHMGcnr6hDLCF1bzzFD5BrOSMInBOwUsD1N:WE4nX5Hrlcnr6hDLstzzYSMaBOwUsRN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15b57d61e137e96d70cce644541adb9d

Files

15b57d61e137e96d70cce644541adb9d
.exe windows:4 windows x86 arch:x86

ae48ee2074684beadb70d1ea63a5cca8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
SetConsolePalette
GetStdHandle
LocalFree
FreeConsole
GetACP
GlobalFree
RaiseException
DeleteAtom
EnterCriticalSection
WriteProfileStringA
GlobalAddAtomA
LoadResource
GlobalUnlock
GetLastError
VirtualProtect
IsBadCodePtr
HeapCreate
lstrcpyA
LoadLibraryExA
GlobalAddAtomA

user32

GetDC
GetWindowTextLengthA
BeginPaint
CloseWindow
GetParent
GetFocus
ValidateRect
GetActiveWindow
GetWindowTextA
GetClassInfoExA
GetClassNameA
GetWindow
ReleaseDC
DrawEdge
GetForegroundWindow
AlignRects
ShowWindow
EndPaint
IsIconic

mprapi

MprAdminUserGetInfo
MprAdminUserOpen
MprAdminUserRead
MprAdminUserClose
MprAdminUserWrite

linkinfo

CreateLinkInfoA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ