094918736afb7793103052c11e631791 | Triage

Sharing

General

Target

094918736afb7793103052c11e631791
Size

8KB
MD5

094918736afb7793103052c11e631791
SHA1

9451cc2bf468e719001f773ce69a929d2cc33235
SHA256

5e1f355341786444007451268f60d9b34b9dc5dac8909cf2e4345a6db1a86883
SHA512

4f963a9fa73ebb0be47d3619aeffe6a524829f36fae6e2315d0e65ed1664cfc37b017ee61d7969a22704086834e367faaadf40f4e8f67cd667b1bdea70a500a4
SSDEEP

192:yHMEivxrOBKrTNk4hzWhmJ0ORFGk4QmG7WdSe:EMEivxG0TNk4hzIG5RLmG7W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
094918736afb7793103052c11e631791

Files

094918736afb7793103052c11e631791
.exe windows:4 windows x86 arch:x86

1dad7d0f0295318d34d13ee2e40cb5cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpyA
FindFirstFileA
CreateProcessA
GetStartupInfoA
GetProcAddress
GetCurrentThreadId
GetTickCount
CancelIo
GetACP
GetCurrentProcess
GetCurrentThread
GetCurrentProcessId
FreeLibrary
LoadLibraryA
lstrcatA
MoveFileExA
GetThreadPriority
CreateFileA
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
ReadFile
SetFilePointer
GetFileSize
GetSystemDirectoryA
GetModuleFileNameA
GetTempPathA
GetShortPathNameA
GetLastError
CreateMutexA
CloseHandle
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
ExitProcess

user32

GetTopWindow
SetActiveWindow
GetCapture
wsprintfA
GetActiveWindow

gdi32

GetBrushOrgEx
CancelDC
CreateCompatibleBitmap
CreateCompatibleDC
GetBkColor
GetBkMode

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 62B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE