194eb3b71f3dc6436b9b8f0ddcf2229f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

194eb3b71f3dc6436b9b8f0ddcf2229f
Size

172KB
MD5

194eb3b71f3dc6436b9b8f0ddcf2229f
SHA1

2a0b93b8d3dc5a3b22ea13f81730f2ce0617a77a
SHA256

db9d5661cebbcde3a8fff0af9e17c95afa90ec95f71db61f2a43894ef40eeeb3
SHA512

66e11e52c157188295d1d4f3579f9d96d3cc25c3a05d3122387b76495897e420b72874baad65b7538024bac6b476274a738750e28d3cba1d75ecfd272afe876a
SSDEEP

3072:P8cyoVzCgfPzj8iMYXFfm8kGmJai5XQvt/hWHf0LoFA+aTbr5Tw:P8cyoNTXzIizf2GZvt/hBonafNT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
194eb3b71f3dc6436b9b8f0ddcf2229f

Files

194eb3b71f3dc6436b9b8f0ddcf2229f
.exe windows:4 windows x86 arch:x86

4e88667902f7deec4af35c9093767ce8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCalendarInfoW
SetComputerNameExW
Heap32ListNext
WaitForSingleObjectEx
lstrcatW
GetProcessShutdownParameters
GetLongPathNameA
Sleep
GetLogicalDrives
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

.code
Size: 4KB - Virtual size: 137KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ