19d3fd889679255b6cd8c5e8d273208b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19d3fd889679255b6cd8c5e8d273208b
Size

159KB
MD5

19d3fd889679255b6cd8c5e8d273208b
SHA1

8bd6884135bd0313e63f4e4c51c6571d60017c19
SHA256

e3ae6f2d3b98229d00c71af9740a5271c27b00556b79d675499779651e0dbbae
SHA512

c650a514126f51784af81576ca6059a5b3aa71e10473c506b3443e3f8f1fd04f4663606f587eac34b0f3ebf29c3fbfae3752762c91707114541fea83c0c71cd2
SSDEEP

3072:BD+9GRXDojR8rO5ooCP7hXqaEtElcYXl9Rwp2k0HO57CMlszZT:CG54SboCzhBl9R3kBE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d3fd889679255b6cd8c5e8d273208b

Files

19d3fd889679255b6cd8c5e8d273208b
.exe windows:4 windows x86 arch:x86

10282c257a629efb270e4f2af1294e00

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsolePalette
GlobalUnlock
GetOEMCP
WriteProfileStringA
VirtualAlloc
SetCommBreak
GetStdHandle
EnterCriticalSection
GlobalAddAtomA
DeleteAtom
GlobalAddAtomA
GlobalFree
IsBadCodePtr
GetLastError
LocalFree
lstrcat
HeapCreate
RaiseException
LoadResource
LoadLibraryExA
CloseHandle

user32

GetClassInfoExA
AlignRects
ValidateRect
BeginPaint
GetWindow
DrawEdge
GetParent
ShowWindow
CloseWindow
GetFocus
GetDC
IsIconic
GetActiveWindow
GetWindowTextA
GetWindowTextLengthA
GetForegroundWindow
ReleaseDC
GetClassNameA
EndPaint

wsock32

WSAGetLastError
WSASetBlockingHook
WSAAsyncGetServByPort
WSACleanup
WSAStartup

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ