11ce3674872132b851e9b5483fae807a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

11ce3674872132b851e9b5483fae807a
Size

232KB
MD5

11ce3674872132b851e9b5483fae807a
SHA1

234089746911ab4197e6e2969235886e9b1842a8
SHA256

411759559662a896ca4ec7965525b3f7164320fbf8808b76397715167c92d5d4
SHA512

4b975798f05bdc944f791a883580024a1b0f205b8a31a4a2dce85f24f07035d744d030fe5cb0ddc92ac7b289b08e6d042caa90ead69c12cfd604eaefdd9100cc
SSDEEP

6144:Xz48jKHjFPcZ8vM/wUfdM2lit5sH/nLjh:XzjKDs80RdM2Mt5sHPL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
11ce3674872132b851e9b5483fae807a

Files

11ce3674872132b851e9b5483fae807a
.exe windows:4 windows x86 arch:x86

28993d6c494d4c8beb23d4b9d3abd6be

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
lstrcatA
GlobalAlloc
LoadLibraryA
lstrcmpiA
VirtualAllocEx
HeapDestroy

ole32

OleRegGetUserType
ReleaseStgMedium
StgOpenStorage
CoRegisterClassObject
CoCreateFreeThreadedMarshaler
PropVariantClear
GetHGlobalFromStream

user32

GetDC
CharNextA
GetMenu
GetFocus
GetSysColorBrush
GetDCEx
GetDlgItem
GetTopWindow
GetCursorPos

shell32

SHGetFolderPathA
Shell_NotifyIconA
Shell_NotifyIconW
SHGetDesktopFolder
SHGetDiskFreeSpaceA

Exports

Exports

DiGZlQOFAH6D@24
_5GuA9Nt
_3P4FXYJeZTj
_ygivt_kCcPTA@12
ZsDdzP2CgAP5@20
wqIOZ2p8iwlgX

Sections

CODE
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itdata
Size: 204KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iidata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ