22ee5ba9023abda4c3c8bc63a673abe6 | Triage

Sharing

General

Target

22ee5ba9023abda4c3c8bc63a673abe6
Size

133KB
MD5

22ee5ba9023abda4c3c8bc63a673abe6
SHA1

16b471205088c82047f3e1248fe4053f0e6ea4ec
SHA256

7b96dab7c54a02ca9e0a5dd0333cde251041e50bc66efc52c603b1634ce17fb9
SHA512

1fc070bb938c565513e335093e3d4fb77f9cd42af0f55ddb57ae219672baff48b83cde4bc83e566923806a9b322ba1d587a2cbd7f884c5497ef8089094095984
SSDEEP

3072:kljYhKVv/4rt1LOqSvMjFZUxEQe+W4N1DSK41ToTgfWvz:klKAkjwKQe+WudSK4ScM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ee5ba9023abda4c3c8bc63a673abe6

Files

22ee5ba9023abda4c3c8bc63a673abe6
.exe windows:4 windows x86 arch:x86

4c51a89564cc9eec7048dcc03077a83f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareFileTime
ExitProcess
GetFileTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
InterlockedCompareExchange
IsDebuggerPresent
LoadLibraryA
RaiseException
VirtualAlloc
VirtualFree
lstrcpynA

user32

ClientToScreen
DrawTextA
GetActiveWindow
GetWindowRect
GetWindowTextA
SetForegroundWindow
SetWindowPos
SystemParametersInfoA

gdi32

BitBlt
CreatePalette
DeleteDC
DeleteObject
ExtTextOutA
SetEnhMetaFileBits
SetWinMetaFileBits

shell32

CommandLineToArgvW
DragFinish
ExtractIconA
SHAddToRecentDocs
SHAppBarMessage
SHBrowseForFolderW
SHChangeNotify
SHFileOperationA
SHFileOperationW
SHGetFileInfoW
SHGetFolderPathW
SHGetPathFromIDListA

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ