19b3a4ffd63d2dc7879b0eb5d1d43ee1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19b3a4ffd63d2dc7879b0eb5d1d43ee1
Size

19KB
MD5

19b3a4ffd63d2dc7879b0eb5d1d43ee1
SHA1

202358ef6c9b71d330300a725707d2ff187fc2f1
SHA256

e79d62a02ff25b60667dac0a254c513fb99de6508b99b6b9c76984c63d60be86
SHA512

00a6bf19cf13f2f62a8a7e36a9d5634228bdde338d5bb197a7596c03747eb5072be2013c43dbd3bf955e17600827c893e07e54816ba7e4174a394586b6455b85
SSDEEP

192:JyixrMESfhx04v/JETaSf8o0OhxXOkrQX/Y/voHV9zumZBdZDWgy5nWp0Jrnvsef:giuFXGd+yYYwumlkg5IOyyfRMrhtog

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19b3a4ffd63d2dc7879b0eb5d1d43ee1

Files

19b3a4ffd63d2dc7879b0eb5d1d43ee1
.exe windows:4 windows x86 arch:x86

f7de76f7cc0e4804342c2e6c0f70cefb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MultiByteToWideChar
OpenProcess
CopyFileA
DeleteFileA
GetWindowsDirectoryA
VirtualAllocEx
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
WriteProcessMemory
GetModuleHandleA
GetProcAddress
Sleep
CreateRemoteThread
GetLastError
GetStringTypeW
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
GetCPInfo
GetACP
GetOEMCP
HeapAlloc
VirtualAlloc
HeapReAlloc
LoadLibraryA
LCMapStringA
LCMapStringW
GetStringTypeA
GetFileAttributesA

advapi32

RegCloseKey
RegQueryValueExA
RegSetValueExA
RegOpenKeyExA

shell32

ShellExecuteA

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE