203c72d081e6c0e0c348b9f15088d95a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

203c72d081e6c0e0c348b9f15088d95a
Size

199KB
MD5

203c72d081e6c0e0c348b9f15088d95a
SHA1

fd47e5b6426a19fe726844ad7d2b0a760cecc5df
SHA256

45e80981d116dffca53bc62380124784cadc213fcb5dc47405e2d09413271656
SHA512

8ec3b3d64d88c633b28b80a1db1e26d64d22e5b36555a743769c7a42d8e07318fa6301e0d0fe38f32ff430933cbf9e49d2ff48f69b02c1823a8e76a17856d269
SSDEEP

3072:qk+Hn2oM3TUULfoAGrLGBgNGGoJKG7ERRbuemXhJGTr5cxXgjR:ynhM3BoHpoGoJKzRg1EcxQt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
203c72d081e6c0e0c348b9f15088d95a

Files

203c72d081e6c0e0c348b9f15088d95a
.exe windows:5 windows x86 arch:x86

e8ef2203d3e7d9830a2f05cad5f7d0f7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetCurrentDirectoryW
VirtualQuery
GetCurrentThreadId
GetModuleFileNameA
CancelIo
HeapCreate
GetCommandLineA
GetFileTime
GetFileAttributesA
HeapFree
GetDriveTypeA
CreateDirectoryA
ExitThread
CreateSemaphoreA
FindVolumeClose
GetModuleHandleA
CloseHandle
IsBadReadPtr
LocalSize
FindVolumeClose
FindClose
GetFileType
lstrlenA
WaitForMultipleObjects

uxtheme

GetThemeSysSize
CloseThemeData
SetWindowTheme
GetThemeTextExtent
DrawThemeEdge
OpenThemeData
CloseThemeData
GetThemeBool
GetWindowTheme
IsThemeActive
GetThemeColor
GetThemeTextMetrics
DrawThemeBackground

fmifs

Extend
Extend
Extend
Extend

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 191KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE