2084670458656bcee01447ce95d8d494 | Triage

Sharing

General

Target

2084670458656bcee01447ce95d8d494
Size

316KB
MD5

2084670458656bcee01447ce95d8d494
SHA1

fdd53172d0bb43d068a634b8adadafa303421b62
SHA256

e740e7fb7752db49669b81e93d8f0d739f04ffe419d43576194af6b3e8d92c34
SHA512

a9914b064c7bd12dd87b31f79870b6244f2bb53457b266c1679b0cd5c96110b8c00b8e8308e6b6ba02309a4df32fea788403aae5213780f86d3bdaa3207d3f50
SSDEEP

6144:qs8BmLHC9+7SxhjmqsfGCIUZXiwRlDzgnJOGHhZ9al5YgvysriJOh:T6h5mf3I2iwDzgn3Y5h6sriJ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2084670458656bcee01447ce95d8d494

Files

2084670458656bcee01447ce95d8d494
.exe windows:4 windows x86 arch:x86

616a88d51a0e3b3d9f6f65b8d312738d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
InterlockedExchange
RaiseException
ReleaseMutex
LoadLibraryExA
Sleep
FindFirstFileA
GetLocaleInfoA
GetLastError
GetCommandLineA
SetErrorMode
HeapCreate
ResetEvent
CloseHandle
EnterCriticalSection
GetSystemDirectoryA
GlobalFree
GetACP
VirtualProtect
GetStdHandle
GetLogicalDrives

user32

GetClassNameA
GetFocus
GetWindowTextA
ValidateRect
GetCursorPos
SetForegroundWindow
BeginPaint
GetActiveWindow
GetParent
DrawTextA
IsIconic
FrameRect
FillRect
ShowWindow
EndPaint
GetWindow
ReleaseDC
FlashWindowEx
wsprintfA

httpapi

HttpAddUrl
HttpInitialize
HttpAddFragmentToCache
HttpCreateHttpHandle
HttpTerminate

winhttp

WinHttpOpen

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 696KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ