Static task
static1
Behavioral task
behavioral1
Sample
147965ede67c873d59724a73aaea4755.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
147965ede67c873d59724a73aaea4755.exe
Resource
win10v2004-20231215-en
General
Target
147965ede67c873d59724a73aaea4755
Size
31KB
MD5
147965ede67c873d59724a73aaea4755
SHA1
0d513432c712c112d17230e3051c1c2ef1345982
SHA256
b367e8a197419b9c7f7f300e181c485a47c4d5d81a0f24aed3d7bbbf6d849aa4
SHA512
d902c5b24ac1939f840f6bde0d5da82188eab17e1892a6907071828ee8a57ba85fe24944c21a659fde55246774cdf59aacaf358297d2ecd8ee8511a14d7b0785
SSDEEP
768:/cfV6byHoHV0NJV0KA+fQfV0tivxemvOZyhdhQ0clQpDql:/Df10N30gYN0tivxemvOZyhdhRclQlql
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource 147965ede67c873d59724a73aaea4755
Files
147965ede67c873d59724a73aaea4755.exe windows:4 windows x86 arch:x86
5694df18a37448bd475cd0461168a428
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
user32
  ShowWindow
  SetWindowLongA
  GetWindowThreadProcessId
  GetWindowLongA
  GetWindow
  GetDesktopWindow
  GetClassNameA
  FindWindowExA
  CloseWindow
  wsprintfA
shell32
  ShellExecuteA
kernel32
  GetCurrentProcessId
  lstrlenA
  lstrcpynA
  lstrcpyA
  lstrcmpA
  lstrcatA
  WriteFile
  TerminateProcess
  Sleep
  LocalFree
  LocalAlloc
  GetWindowsDirectoryA
  GetTickCount
  CloseHandle
  CompareStringA
  CreateFileA
  CreateProcessA
  CreateThread
  ExitProcess
  GetStartupInfoA
  GetModuleFileNameA
wininet
  FindNextUrlCacheEntryA
  FindFirstUrlCacheEntryA
Sections
.text Size: 2KB - Virtual size: 2KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 1012B
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 27KB - Virtual size: 30KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE