192b0b0d37d3a6666b584e876ca271e5 | Triage

Sharing

General

Target

192b0b0d37d3a6666b584e876ca271e5
Size

17KB
MD5

192b0b0d37d3a6666b584e876ca271e5
SHA1

7ca0e9f10a3cef8a7cc8b7831f675bd7089648f4
SHA256

37530313cc21a96a2321428d5ad7db279c7f38a7d93577808e8402e92a045fa1
SHA512

c451033b358abdf35b7912e936ef278b7572d10741c8b636f218769c509a6ed0187dc34dae2bf438d1c8b8db0f41649056a798b8c5654f78755061d50517643f
SSDEEP

384:ou6edD9lfw63SWpFHP2LntdA2Xdccccd3/z6KXmmex/:odUDzY6CUit2UdccccV/Gxx/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
192b0b0d37d3a6666b584e876ca271e5

Files

192b0b0d37d3a6666b584e876ca271e5
.exe windows:4 windows x86 arch:x86

db02a63d20b9453a9ad83a7622c5d3c6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetCurrentProcess
GetLocaleInfoA
GetModuleHandleA
RaiseException
GlobalFree
SetEvent
OpenSemaphoreA
GetCommandLineA
FreeEnvironmentStringsA
WriteConsoleA
GetACP
GetCompressedFileSizeA
GetStdHandle
GetSystemDirectoryA
VirtualProtect
HeapCreate
InterlockedExchange
IsDebuggerPresent
GetCurrentThread
FlushFileBuffers

user32

FillRect
GetWindowTextLengthA
BeginPaint
ReleaseDC
GetParent
GetCursorPos
ValidateRgn
SetForegroundWindow
GetDlgItem
DrawTextA
SetActiveWindow
GetClassNameA
GetFocus
FrameRect
wsprintfA
IsIconic
EndPaint
GetWindow
ShowWindow

linkinfo

GetCanonicalPathInfoA
DestroyLinkInfo
ResolveLinkInfoA
IsValidLinkInfo
GetLinkInfoData

rtutils

LogEventA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ