24546660e2eb696935a03fb4ea7e9944 | Triage

Sharing

General

Target

24546660e2eb696935a03fb4ea7e9944
Size

72KB
MD5

24546660e2eb696935a03fb4ea7e9944
SHA1

872cfc88785365e81ddb5f44402a9f688ea030f1
SHA256

8180e6cd82add94f59dda73cdf364e9d63119dcdbeac66ebc5f7e7bc4107bd8a
SHA512

f5dd26e0f6cf6e41c6998faa035761eb84cbf8cbe9c25bab6b0180a0ae5e79122cd762b85d01ee99ae81e441617cb34f6f47c91a3df2d1d21f7422616705a3e0
SSDEEP

1536:wc9ILVS1m7d9++XR0ygnhgoC9eKQOlxInrP:wpRS1m7f+g/gnhpJTCkr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24546660e2eb696935a03fb4ea7e9944

Files

24546660e2eb696935a03fb4ea7e9944
.exe windows:3 windows x86 arch:x86

fe4fd012cb1c14a7c001a9b61a2146bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateEventA
CreateFileA
DisableThreadLibraryCalls
EnterCriticalSection
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetModuleFileNameA
GetModuleHandleA
GetProcessHeap
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
HeapDestroy
InterlockedExchange
InterlockedIncrement
MultiByteToWideChar
QueryPerformanceCounter
Sleep
UnhandledExceptionFilter

user32

EnableWindow
GetDC
GetDlgItem
GetWindowLongA
InvalidateRect
IsDlgButtonChecked
LoadCursorA
LoadIconA
PostMessageA
PostQuitMessage
ReleaseDC
SendMessageA
SetForegroundWindow
SetWindowLongA
ShowWindow
TranslateMessage
wsprintfA

Sections

CODE
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 37KB - Virtual size: 137KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ