215e62f4ff24560de2d3e26d7877ef12 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

215e62f4ff24560de2d3e26d7877ef12
Size

278KB
MD5

215e62f4ff24560de2d3e26d7877ef12
SHA1

0e37b5697c11a5a697592d8cc11e85bb9be52694
SHA256

5b49df35002151819729edb67b2e697d6393c226b6e5b5822a1df01861ff19f6
SHA512

2424e40f843fc5df95b904720623d4aeb11f6e28fc79956c6d2ba0d41a7890f6e6771ed4742615c5e73e12f94b5e9a090f8d9e705da0c902c199f1e98115ce18
SSDEEP

6144:SQQirrajg6mGhZnNRrCMY5lbh6EwhDC5YMiv/PY:FQirIguhhr1LEwhDCb8HY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
215e62f4ff24560de2d3e26d7877ef12

Files

215e62f4ff24560de2d3e26d7877ef12
.exe windows:5 windows x86 arch:x86

1dc62d8bf595b7653dbecff2f3a532d8

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDesktopWindow
SetWindowLongW
DialogBoxParamA
SetWindowTextA
EnumChildWindows
IsCharAlphaA
GetActiveWindow
MoveWindow

ole32

CoRevokeClassObject
CoCreateFreeThreadedMarshaler

comctl32

InitCommonControlsEx

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

kernel32

GetTimeZoneInformation
GetTickCount
DeleteCriticalSection
LocalAlloc
GetStartupInfoA
GetDateFormatA
HeapDestroy
LoadResource
FindResourceExA
ExitProcess
InitializeCriticalSection
FreeLibrary
GetProcAddress
LoadLibraryA
IsBadStringPtrA
SuspendThread
HeapCreate
LocalFree

Sections

.text
Size: 265KB - Virtual size: 264KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ