19dfb5da7ae4b8ddc77168d9eb8fb763 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19dfb5da7ae4b8ddc77168d9eb8fb763
Size

393KB
MD5

19dfb5da7ae4b8ddc77168d9eb8fb763
SHA1

eaab3434f7a130187bab6a5bfba01477dad4b270
SHA256

9f5aedff9a08ac0317aac756de918b406b5d7baed2977070cd7b3f562fffd699
SHA512

eab13eb9558107c44abc0ab8bc4a8efcc169a73de26e758e18b3a17aa6931dac77c91c58364acb2eb59e8c1990360b7b7ae3a2851323356268e73c7ca0021718
SSDEEP

6144:UwDd7o5nhxlGFWPgynsiNYBoGFFYhaRRXcuCiX++Vzrmkqmu5jbmdVnYQHSklp:U2QnhxUUSbuGFehOsuC8Xmklb7Skj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19dfb5da7ae4b8ddc77168d9eb8fb763

Files

19dfb5da7ae4b8ddc77168d9eb8fb763
.exe windows:4 windows x86 arch:x86

f66090fd7b93ab2c30cb2de1f6ee7442

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileA
GetConsoleCP
SignalObjectAndWait
GetACP
CreateFileMappingA
GetLastError
LoadLibraryExW
LocalFree
FindClose
CreateMutexA
FindAtomA
HeapCreate
Sleep
TlsGetValue
CloseHandle
FreeEnvironmentStringsA
ExitProcess
GetModuleHandleA
GlobalUnlock
LocalLock

user32

DrawEdge
GetDlgItem
CheckRadioButton
DefWindowProcW
DrawFrame
GetDC
CallWindowProcA
GetIconInfo
GetFocus
DispatchMessageA
CopyRect
FillRect
IsWindow
MessageBoxA

clbcatq

GetComputerObject
SetupOpen
SetSetupSave
GetCatalogObject
InprocServer32FromString

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ