195a51c994ab125e1b005c41c9736bd5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

195a51c994ab125e1b005c41c9736bd5
Size

37KB
MD5

195a51c994ab125e1b005c41c9736bd5
SHA1

22b8b75701ef3c62b35147b29d69c055c2fdcf2b
SHA256

54c12b3909b728ecfa37fca61bf91d303cfb6dbe5da88a7908711efe3f451ec3
SHA512

83f8afe8f698c5e6491577606b4a74a63d4f336130595be8b8c18bb2a73f2ceeda93b06b795a098917bab04cae2b2f6aa6aede28b4c430865411e94132fbdbcc
SSDEEP

768:VgHrI7Wpo2CwcnjkB8DRI9NHItj2onGXwo9D4FlAhc1aGH:V4r0DNjrDRSZItj2onfo9Diq5O

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
195a51c994ab125e1b005c41c9736bd5

Files

195a51c994ab125e1b005c41c9736bd5
.exe windows:4 windows x86 arch:x86

18a366cfaf550bf556e5056e5695b93e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileSectionW
GetModuleFileNameA
MoveFileWithProgressW
GetCurrentDirectoryA
EnumResourceTypesA
EnumCalendarInfoA
GetCurrentDirectoryA
CreateWaitableTimerA
SetComputerNameW
GetConsoleAliasExesA
OpenEventA

user32

RegisterClipboardFormatA
VkKeyScanExA
SetClassLongA
ChangeDisplaySettingsW
SetMenuItemInfoA
CopyAcceleratorTableW
MessageBoxIndirectA
DefDlgProcA
ChangeDisplaySettingsW

gdi32

StartDocA
GetLogColorSpaceW
StartDocA
CopyEnhMetaFileW
CreateMetaFileA

Sections

.rsrc
Size: - Virtual size: 105KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 30KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.��
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 842B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 839B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ