14186ca980989e786e9f0773c0176003 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14186ca980989e786e9f0773c0176003
Size

15KB
MD5

14186ca980989e786e9f0773c0176003
SHA1

a2d40290ab6693ce90cbf54e46740b0c59d2119a
SHA256

35f681ad9315fe1dc8e3e584164007130f7f95f4b95bc9091b7c009398e074b6
SHA512

0cb20960de6ee43ac5300d1bef3a6d32a7b74487f107f27e3dbda64e4c23115ffba0204df96fbc43c983aea7bb2e4a00a911e85870a2ecaea12270831fc72585
SSDEEP

384:kK8hunlILtBLkDNGT7zS/NaFponBpdxc5wCZWfLvtjv2EGA:lYLyNGT7O/Nupw/TUsvMF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14186ca980989e786e9f0773c0176003

Files

14186ca980989e786e9f0773c0176003
.exe windows:4 windows x86 arch:x86

60b7521b1be012518d7d3cc38f534830

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstChangeNotificationA
CreateDirectoryA
EnumTimeFormatsA
BuildCommDCBAndTimeoutsA
LCMapStringA
GetNumberFormatA
GetDiskFreeSpaceExA
VerLanguageNameW

user32

CreateWindowExA
DlgDirListA
SetUserObjectInformationA
IsDialogMessageA
DefMDIChildProcW
RegisterClassA

gdi32

GetCharWidth32A
GetOutlineTextMetricsA
AddFontResourceExW
StartDocA
GetGlyphIndicesA
CreateScalableFontResourceA
PolyTextOutA

Sections

.masm
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.masm
Size: 1024B - Virtual size: 844B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 734B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ