14d5f1bfbbc22ec55d2312e3305e7048 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

14d5f1bfbbc22ec55d2312e3305e7048
Size

324KB
MD5

14d5f1bfbbc22ec55d2312e3305e7048
SHA1

76c25c6e2d1a5822f2aa3759260e98b6cf9832b7
SHA256

7615bf1f1a9edb40650d4354c1016ef88c699ff14dc4c90dbbe3d2573c3f0b75
SHA512

0a4548d71cf6ac29f161d120ebca9bd0788df8ccc5f3cff5940da966b76c0ed9089d3adb87589fc6152f675860b11970aeaf92ce6d7e470ce315ffc6b74a8064
SSDEEP

6144:8Yo/7BUvCka3UBbgDOLX7Pmr9pDsGOzcOclmmG5D9SsqOMNdA:8rOvCkC/DOTjmrLqzcOcMmUD2fd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d5f1bfbbc22ec55d2312e3305e7048

Files

14d5f1bfbbc22ec55d2312e3305e7048
.exe windows:4 windows x86 arch:x86

e8c5375765ac415f5d5d56486496f950

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
VirtualQuery
LoadLibraryA
GetPriorityClass
RtlUnwind
SetConsoleMode
QueryPerformanceCounter
GetCurrentProcess
GetProcAddress
VirtualAlloc
GetCurrentThreadId
SetLocaleInfoA
HeapReAlloc
HeapAlloc
GetWindowsDirectoryA
GetSystemTimeAsFileTime
HeapFree
InterlockedExchange
GetModuleFileNameA
TerminateProcess
GetModuleHandleA
ExitProcess
GetTickCount
LoadLibraryExA
OpenProcess

user32

DdeInitializeA
VkKeyScanExA
TrackPopupMenuEx
OpenInputDesktop
SendNotifyMessageW
RegisterWindowMessageA
BroadcastSystemMessage
AnimateWindow
ChangeMenuA
EnumThreadWindows
CloseDesktop
GetWindowModuleFileNameA
InsertMenuItemW
ChangeMenuW
GetWindowTextLengthA

comdlg32

PrintDlgW
GetOpenFileNameW
ChooseFontA
ChooseFontW
ChooseColorA
GetFileTitleA
PrintDlgA
GetSaveFileNameW
FindTextA
ReplaceTextW
GetFileTitleW
PageSetupDlgA
ReplaceTextA

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ