19d93c0a88576c5eb9a036b59f57cdc6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19d93c0a88576c5eb9a036b59f57cdc6
Size

60KB
MD5

19d93c0a88576c5eb9a036b59f57cdc6
SHA1

50e6897f4c99df7687fd3de049b997f858434a50
SHA256

124452366d30f516e6cba2889986dd7a9654f20073e3a0d6ded27f406b6f87b5
SHA512

a19424d3c57b9b544546f5e2764c10fd6899dfde72e88764ea68cb07490a54ce83fbf47e31652cb5afdd072b3349079a741c82e352a4701fd24fdbf5c3efdb72
SSDEEP

1536:ZtiSghGXLVwMcCVlcq7Zfv27MBc0RRJk+gXsW:7iSg8wgdvymNJk+g8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19d93c0a88576c5eb9a036b59f57cdc6

Files

19d93c0a88576c5eb9a036b59f57cdc6
.exe windows:4 windows x86 arch:x86

c4b7ce046d7f88a5a4b60745560dc53a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
GetStringTypeW
lstrcpynW
lstrcpyA
GetStartupInfoA
MultiByteToWideChar
GetACP
GetStdHandle
lstrcatA
TerminateProcess
GetModuleFileNameA
SetHandleCount
GetStringTypeA
GetCurrentProcess
GetCommandLineA
LCMapStringA
GetCPInfo
GetVersion
CreateFileA
SetFilePointer
GetFileType
LCMapStringW
lstrcpynA

user32

DrawTextA
CopyIcon
DrawTextW
EndDialog
LoadMenuA
GetDlgItem
CopyImage
InsertMenuA
GetCursor
GetWindowTextLengthA
DialogBoxParamA
DrawIconEx
CopyRect
GetMenu
IsMenu
LoadCursorA
CloseWindow
GetFocus
GetWindowTextA
CreateIcon
IsWindow
GetDC

comctl32

ImageList_Destroy
DrawStatusTextW
ImageList_LoadImageW
CreateToolbar
InitCommonControls
ImageList_Create
MenuHelp
DrawStatusText
ImageList_Copy
ImageList_LoadImageA
DllGetVersion
CreateStatusWindowW
CreateToolbarEx

advapi32

RegOpenKeyA
RegEnumKeyExA
RegOpenKeyW
RegQueryValueExW
RegCreateKeyA
RegDeleteKeyW
RegQueryValueExA
RegEnumKeyA
RegSetValueW
RegEnumValueA
RegCreateKeyW

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ