Static task: static1
Behavioral task: behavioral1 - Sample: 094c24edcb5573a686686e8ecca9d976.exe - Resource: win7-20231215-en
Behavioral task: behavioral2 - Sample: 094c24edcb5573a686686e8ecca9d976.exe - Resource: win10v2004-20231215-en
General
Target: 094c24edcb5573a686686e8ecca9d976
Size: 70KB
MD5: 094c24edcb5573a686686e8ecca9d976
SHA1: ecf72bbefb3affccd5048b5bf21e2689dad52ecf
SHA256: 85d9437a28fd38d0c5fd2f5c2933430160aa8657f3e72a7cb77393d69a0050e0
SHA512: 426e490b0b898792df328eac82037d9003f9f48e4ed45759ce2e663dbe662d25eeec475f96bd05ad58f09dfc49385a0e5a93ead586366e9233904566f6c16915
SSDEEP: 1536:zrFla99f+ciZvmHwRRr8QYb/AcY7eW1iJ+GTj:k9fCZvmH2RLY7TVRj
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 094c24edcb5573a686686e8ecca9d976
Files
094c24edcb5573a686686e8ecca9d976.exe windows:4 windows x86 arch:x86
440c68c38a2ec1af4bc2adadeba5caab
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
ExitProcess
GetCommandLineA
GetModuleHandleA
GetVersionExA
HeapAlloc
HeapCreate
IsDebuggerPresent
lstrcpynA
advapi32
QueryServiceConfig2A
RegGetKeySecurity
GetMultipleTrusteeW
ole32
CoTaskMemAlloc
IsEqualGUID
StringFromGUID2
setupapi
SetupCloseFileQueue
SetupRemoveFromSourceListA
olepro32
OleCreatePropertyFrame
OleCreateFontIndirect
OleCreatePictureIndirect
OleLoadPicture
user32
SystemParametersInfoA
wvsprintfW
IsDialogMessageA
Sections
.text Size: 57KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ