115384f9084f09d0b22520fa945e3b65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

115384f9084f09d0b22520fa945e3b65
Size

167KB
MD5

115384f9084f09d0b22520fa945e3b65
SHA1

4670e53a43363454688d29cf4721671b9959ed59
SHA256

e514e4d3a5ff9be482a233afc37e00f5f15e8da43f1eac7fbdcdfbdcc290b2cf
SHA512

84f9d50b57c14945f6447717b683fd42c5d040ff6294c00152d4cae8fa4b9b02bc08d9cb8301ba8b7988e69f63ea45a5202ef1c25550071c3d7f8964bfd6c028
SSDEEP

3072:ZWMrJgbUZIMJearRqZSpsp9UNbbTKrNYSq9vWQk8GBrTQVtarkQFs:ZWsAot+XKT5SqIQk8c3Q/QF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
115384f9084f09d0b22520fa945e3b65

Files

115384f9084f09d0b22520fa945e3b65
.exe windows:4 windows x86 arch:x86

50ac7b5cea538648b6a2d02e3790f0df

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msimg32

AlphaBlend
TransparentBlt

gdi32

GetDeviceCaps
GetTextExtentPointA
GetTextMetricsA
SelectObject
DeleteObject
CreateFontIndirectA

ole32

CoGetMalloc
CoCreateInstance
StringFromGUID2
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

kernel32

QueryPerformanceCounter
WideCharToMultiByte
GetEnvironmentStrings
InterlockedExchange
GetCPInfoExW
WriteFile
GetTickCount
DeleteCriticalSection
GetVersionExA
GetCPInfo
MultiByteToWideChar
FreeEnvironmentStringsA
GetThreadLocale
SetHandleCount
GetEnvironmentStringsW
RaiseException
EnumResourceTypesA
FreeEnvironmentStringsW
TlsGetValue
GetStartupInfoA
GetLastError
InitializeCriticalSection
InterlockedIncrement
lstrlenW
GetEnvironmentStringsW
HeapSize
GetLocaleInfoA
GetFileType
GetOEMCP
LeaveCriticalSection
UnhandledExceptionFilter
GetACP
GetStdHandle
TlsSetValue
EnterCriticalSection
GetCurrentProcessId

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ