168cfc385c555163e72b49c85e9863d2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

168cfc385c555163e72b49c85e9863d2
Size

636KB
MD5

168cfc385c555163e72b49c85e9863d2
SHA1

8c30c5c677e82e916ffc8ee59807797993203de2
SHA256

dc75013b6bc774c94da514415d0e8a79b5f41f36d6bd26353d83449ed2d0e567
SHA512

422e8c999199fc94e1caa5e226da0485d6b18648e5c3eefa5649b4dac06e2721bab442dae9480f96d8ba3dc4056e74222e6411eddc670a12b06b6f05372e3235
SSDEEP

12288:8mFhr395JN/RHya7lDSyQIOBA5AmyG3sOOmUzCoS1vsIfjm:8Ihfb/RSaxD5/OBA5AmyQsOtUmHlfj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
168cfc385c555163e72b49c85e9863d2

Files

168cfc385c555163e72b49c85e9863d2
.exe windows:4 windows x86 arch:x86

8c157f8cc3bbe6f011f432645cb03d62

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
LoadLibraryExA
SetLastError
HeapCreate
GetSystemTime
LocalLock
ResumeThread
GetUserDefaultLangID
GetConsoleDisplayMode
GetVersion
InterlockedExchange
GetConsoleCP
GlobalSize
WaitForSingleObject
lstrlenA
HeapReAlloc
GetCommandLineA
WaitForSingleObject
GetModuleHandleA
GetACP
VirtualProtect

user32

wsprintfA
GetClassNameA
GetWindow
ReleaseDC
GetCursorPos
FrameRect
GetDC
EndPaint
SetForegroundWindow
CreateIcon
DrawTextA
ShowWindow
FillRect
AnyPopup
GetFocus
GetTitleBarInfo
BeginPaint
GetParent
DragDetect

ntshrui

DllCanUnloadNow
DllGetClassObject
SetFolderPermissionsForSharing
GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA

msacm32

acmFilterEnumA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ