198dd4b083e2cf5ee414f9d508652d21 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198dd4b083e2cf5ee414f9d508652d21
Size

138KB
MD5

198dd4b083e2cf5ee414f9d508652d21
SHA1

41c536ee0af4a700623d36455e680e6256a20c7a
SHA256

57db60f7cea441d05a199bfc7492f588e79a08d30fa03545866222ce73ab8fcf
SHA512

eba76a88bc650a888574febc48b210f80f9f8b1c56a25eeb1a016f9783c26c55425cbb4be07aff598b779a68f728eb5eca76f6c411d64f48501714b2e64eab2a
SSDEEP

3072:d4ET52vMbwHDf56x2i7IZStp4btWQUZLNhmlbE+XB3NTu:D92KysaSAVi+XB3du

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
198dd4b083e2cf5ee414f9d508652d21

Files

198dd4b083e2cf5ee414f9d508652d21
.exe windows:4 windows x86 arch:x86

38c71ea50a8270c14f99eca8f0368b05

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasA
GetCurrentProcessId
LocalFlags
lstrlenW
ReadFile
GetPrivateProfileStringA
EnumCalendarInfoA
SetLastError
CreateEventW
GetModuleHandleA
FindClose
HeapCreate
EnterCriticalSection
LocalFree
ResumeThread
TlsGetValue
GetCurrentThreadId
GetNumberFormatA
GetDriveTypeW
FindAtomA

user32

DrawTextA
GetMenuInfo
GetKeyboardType
SetFocus
CallWindowProcW
GetKeyState
GetSysColor
IsWindow
GetClientRect
GetCursorInfo
DispatchMessageA
GetClassInfoA
DispatchMessageA

stclient

DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow
DllCanUnloadNow

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ