Static task: static1
Behavioral task: behavioral1
Sample: 090ce2a9e8da5491a20df870635a1cc5.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 090ce2a9e8da5491a20df870635a1cc5.exe
Resource: win10v2004-20231215-en
General
Target: 090ce2a9e8da5491a20df870635a1cc5
Size: 179KB
MD5: 090ce2a9e8da5491a20df870635a1cc5
SHA1: 77a9a9daaf1f9d5e28cf95187e39d94cd4fba351
SHA256: 2d89056dffde2b9837cb321160f078667d652509e2a2c65e689a3089666d4f52
SHA512: 36d76b6456cf29307dc6d2a050297d5febe4348813e7ed6d405d375d85eb873c8a182c5de8fceaed3b9921811592362eee5642cb29cea56f06ddeb42fa3653a1
SSDEEP: 3072:Dz2KVg5yFIX4L+Q0rT1HaGHTtHTPSgELuA2iHmS8F8TEel:n2bYY4SrAGzlzSgE52amNFo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 090ce2a9e8da5491a20df870635a1cc5
Files
090ce2a9e8da5491a20df870635a1cc5.exe windows:4 windows x86 arch:x86
a4cd31723fdebba446ed50bc6ae19357
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetShortPathNameA
GlobalFree
GetCurrentProcessId
GetFileInformationByHandle
CreateFileW
LoadLibraryW
GetProcAddress
EnumResourceTypesW
ExitProcess
GetModuleHandleW
CloseHandle
UnhandledExceptionFilter
GetCurrentThreadId
GetLastError
GetVersionExW
msvfw32
ICOpen
ICClose
ICSendMessage
ICDecompress
user32
AdjustWindowRectEx
PostMessageW
GetWindowPlacement
SetRectEmpty
GetClientRect
InvalidateRect
SetCursor
FillRect
advapi32
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
RegEnumKeyExW
RegDeleteKeyW
RegCreateKeyW
RegCloseKey
RegSetValueW
Sections
.text Size: 108KB - Virtual size: 107KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 67KB - Virtual size: 67KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ