22e9391910e92b36025d701e1b79ea49 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22e9391910e92b36025d701e1b79ea49
Size

18KB
MD5

22e9391910e92b36025d701e1b79ea49
SHA1

c7d6d72388cdc3d49d11d73293b82fc4cc13c36f
SHA256

dcd4c84a1c9a579c337d91620103799a17dfc57ba4fe7a4014fbe21eab0c8ddc
SHA512

87c72be1a0cbd9f738580d6dcaf0b50f2be453beb42fb6914a2ebf745a8c5c87ef2490dc71b31d5b040b9f57a50bec894c065333a654d9acb36e3924e9c070d9
SSDEEP

384:6L/MicRbCGumqn8JYmNiJH2Xk3oOhWO8KBxo:eh85Qfjfo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22e9391910e92b36025d701e1b79ea49

Files

22e9391910e92b36025d701e1b79ea49
.exe windows:4 windows x86 arch:x86

d8851239d9de7369cef05708cecec15b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetTapeStatus
GetModuleHandleA
GetEnvironmentStringsA
GetStdHandle
WaitForSingleObject
InterlockedExchange
GetTimeFormatA
GetCurrentProcessId
GetProcessVersion
HeapDestroy
DeleteAtom
GetACP
GetCommConfig
GetLogicalDrives
LoadLibraryExA
CreateFileMappingA
CreateHardLinkA
VirtualProtect
GetCurrentThread
HeapCreate

user32

DrawTextA
EndPaint
SetForegroundWindow
GetParent
GetCursorPos
GetWindow
ReleaseDC
GetClassNameA
DragDetect
BeginPaint
ShowWindow
GetTitleBarInfo
FrameRect
FillRect
GetDlgItem
wsprintfA
GetFocus
SetActiveWindow
GetWindowTextLengthA

advapi32

RegCloseKey
RegSetValueExA
RegFlushKey
RegEnumKeyA
RegCreateKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ