15d63c96a0629eedb5c6f11ef0eea438 | Triage

Sharing

General

Target

15d63c96a0629eedb5c6f11ef0eea438
Size

636KB
MD5

15d63c96a0629eedb5c6f11ef0eea438
SHA1

4b3669ba34c3e86fea97ae0390ba082cc07e8237
SHA256

19bf530924c92f1152a022bcf753819347100749ec987d23be2bb0192e26dcf5
SHA512

262c332d34b08e1f639123bc7b311cc3ce759862c8387d23412885c0f5bb61dee131331fa868ae9349101b3ba2d783713b6ef879c4892b6743cfff369bbb09dc
SSDEEP

12288:VkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:VRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
15d63c96a0629eedb5c6f11ef0eea438

Files

15d63c96a0629eedb5c6f11ef0eea438
.exe windows:4 windows x86 arch:x86

7761b42eb534167312434b20d36f3ce8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GetAtomNameA
CompareFileTime
GetModuleHandleA
GetStdHandle
GetVersion
GetCommandLineA
WaitForMultipleObjects
HeapCreate
GetConsoleCP
GlobalUnlock
GetSystemDefaultLangID
WaitForSingleObject
CloseHandle
SuspendThread
lstrlenA
LoadLibraryExA
InterlockedExchange
GetTickCount
HeapReAlloc
SetConsoleCP

user32

GetKeyboardLayout
DestroyMenu
FillRect
GetDlgItem
IsDialogMessage
SetScrollInfo
SetWindowPos
InvertRect
CopyImage
FindWindowA
DragObject
DialogBoxParamA
DrawCaption
CreateIcon
EnableScrollBar
GetKeyState
DispatchMessageA
CreateMenu
GetCursorInfo
CreateCursor
SetPropA
InsertMenuA

advapi32

RegEnumKeyA
RegQueryInfoKeyA
RegCreateKeyExA
RegCloseKey
RegEnumValueA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 626KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ