096445a1c3e9b93e3264432a58b081ee | Triage

Sharing

General

Target

096445a1c3e9b93e3264432a58b081ee
Size

200KB
MD5

096445a1c3e9b93e3264432a58b081ee
SHA1

33e405bf88a373a0439f567d0290221ccf9f707b
SHA256

e0b8a0dfeade8b222a573b523ae3844aee7eef573b7a25af5f2b115cea1eb04d
SHA512

bfde35a00b8d42498e098f6fe72e8276f9be76766443230429e50a66bb5e3f8fe77cbb859423a708629acf7021a2d881425cc2f520b55f7a2f28dacad36a5bb7
SSDEEP

6144:mEh6VmRFOxVWZW9WnthJjXXLZ4pHv05Ik8ysfd:76VmRgantjjnOhvJPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs
Checks for missing Authenticode signature.

Processes:

resource

096445a1c3e9b93e3264432a58b081ee

Files

096445a1c3e9b93e3264432a58b081ee
.exe windows:4 windows x86 arch:x86

c40833903c011f0dc549b977c10af4a6

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResumeThread
VirtualFree
LoadLibraryA
VirtualAlloc
VirtualProtect
SetEvent
GetProcAddress
GetModuleHandleA
HeapReAlloc
OpenMutexA
ResetEvent
LocalSize
VirtualAllocEx
GetExitCodeThread
GetLastError
GetFileAttributesA
VirtualLock
ReleaseSemaphore
SuspendThread
GetProcessHeap
LocalLock

user32

IsWindowUnicode
LoadCursorA
GetDesktopWindow
IsZoomed
ShowWindow
SendMessageA
GetSysColorBrush
GetDC
GetCursorPos
SetTimer
ReleaseDC

gdi32

GetPixel
SetPixel

psapi

EnumProcessModules
GetWsChanges

msvfw32

DrawDibOpen
DrawDibEnd
DrawDibClose

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ