241a5ec89e26f82b9481cbfedc9c086d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

241a5ec89e26f82b9481cbfedc9c086d
Size

283KB
MD5

241a5ec89e26f82b9481cbfedc9c086d
SHA1

576e13c7a240238991771e69459ee262fa679fae
SHA256

75ee48be1bb16db8f3e61eea0b31bb83b5cfd81ac5e15a9894f687611dea8628
SHA512

9f4847ac525f0199d350f59c43a2f2678c61eb0df4aaf7663686d276cc2cee22ae50650c885f931b797d834f1c54fe22e5afba52638d802e0b91124271ed3279
SSDEEP

6144:aaxOMZQg/Dax+8EzUZs7qkfapSmryK5PkFzWdKn5rR9o:hZf/2x+8rZs71faRrjl+zW0nH9o

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
241a5ec89e26f82b9481cbfedc9c086d

Files

241a5ec89e26f82b9481cbfedc9c086d
.exe windows:4 windows x86 arch:x86

45203969f16eeb85ac75060cec2fdb2c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GetOEMCP
CreateMutexA
CancelWaitableTimer
GetUserDefaultLangID
TlsGetValue
AddAtomA
ReleaseMutex
GetExitCodeThread
CreatePipe
TlsFree
VirtualAlloc
CompareStringA
GetThreadLocale
GetThreadTimes
GetLargestConsoleWindowSize
GetThreadPriority
GetModuleHandleA
GetHandleContext
IsDBCSLeadByte
GetConsoleCP

user32

IsWindowVisible
GetClassInfoExA
ReleaseDC
GetClassNameA
GetWindowTextA
InvalidateRect
GetWindowTextLengthA
GetWindow
GetActiveWindow
GetDC
CloseWindow
GetForegroundWindow
ShowWindow
IsIconic
ReleaseDC
GetFocus
GetSystemMetrics
RegisterClassA
ValidateRect

dsound

GetDeviceID
DirectSoundEnumerateA
DirectSoundCreate
DllGetClassObject
DllCanUnloadNow

mscms

CheckColors

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ