20e16eef540790b57e4ea5459dd23cae | Triage

Sharing

General

Target

20e16eef540790b57e4ea5459dd23cae
Size

372KB
MD5

20e16eef540790b57e4ea5459dd23cae
SHA1

ea6ee24c8142873a10ed08195eb2dd142ef68b34
SHA256

4f98195cf03748b0b879d09ecd8801961b9d5847176b16bebd2df63980d905a0
SHA512

c7f94587dd845312917aae23bbbe038cbdfb783a534a7ed767045e907047f4f4908594a1db589b2c71be0794ab8a2d15c5f4d43f12df8fb60acb8acca3420715
SSDEEP

6144:m0Bl6QyjvjVcVAC2FXgEr8fE0ASg3/YQvRNMVlJi41fv4Dw:mIjOvjVkCrSvoZNyl5fwD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
20e16eef540790b57e4ea5459dd23cae

Files

20e16eef540790b57e4ea5459dd23cae
.exe windows:4 windows x86 arch:x86

abde42a1146781807229cfa7a937a6dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalSize
GetDriveTypeA
SetEvent
LocalFree
CloseHandle
GetLocalTime
ExitThread
CreateFileW
GetTickCount
GetExitCodeProcess
GetPrivateProfileIntW
lstrlenA
GetComputerNameW
ReleaseMutex
VirtualAlloc
GlobalFree
FindVolumeClose
FreeConsole
ReadFile
GetModuleHandleW

user32

GetCursorInfo
EndDialog
GetKeyState
GetClassInfoA
GetDlgItem
GetSysColor
GetClientRect
DispatchMessageA
DrawStateW
GetMenu
CreateWindowExA
SetFocus
CallWindowProcA

clbcatq

ComPlusMigrate
ComPlusMigrate
DllGetClassObject
ComPlusMigrate
ComPlusMigrate

ntshrui

IsPathSharedA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ