19c8c51718a21dbaa4aa9820e709c8fe | Triage

Sharing

General

Target

19c8c51718a21dbaa4aa9820e709c8fe
Size

17KB
MD5

19c8c51718a21dbaa4aa9820e709c8fe
SHA1

533ebdf573ac1582c0c0440fbea8082de6d2f915
SHA256

527c9adcc7f11604f92895bf565c7b49f2590e447101992f6d05ab28d8f404cd
SHA512

25c5488db8b8f3061433102ce3a25955b382bb571b46212d82a598d0de547b8e7d4754381df5b8baf6fb8e3a39ec3b479193ad81e7043a4de679684c80f4fcc0
SSDEEP

384:f+fOM1t//U9XRwpVEKBI488/Hrg9ygEHs:m2+V/UxRoVjBh/HIyvs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19c8c51718a21dbaa4aa9820e709c8fe

Files

19c8c51718a21dbaa4aa9820e709c8fe
.exe windows:5 windows x86 arch:x86

fa8560b3dd08ee001893e0edd10c4665

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
SetUnhandledExceptionFilter
ExitProcess
GetWindowsDirectoryA
lstrcatA
CreateFileA
VirtualAlloc
GetProcessHeap
TerminateProcess
IsDebuggerPresent

user32

TranslateAcceleratorW
LoadCursorW
GetDlgItemTextW
EnableMenuItem
DefWindowProcW
UnhookWindowsHookEx

comdlg32

GetOpenFileNameW
FindTextW
CommDlgExtendedError
GetSaveFileNameW
PrintDlgW
ChooseFontW

advapi32

RegOpenKeyExA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ