2109ca7b60490060e0b1b5082eadad43 | Triage

Sharing

General

Target

2109ca7b60490060e0b1b5082eadad43
Size

351KB
MD5

2109ca7b60490060e0b1b5082eadad43
SHA1

87958d475f059547f7fb91a0ac6e988ce7f365e3
SHA256

dd259eacb7f1570269c5f2e472030450f336b1060b2469a1ba252568f4082ec5
SHA512

72c3681ae18fb8a013ba9393d1d29257ed2692139eff775fa5387d9fc5d132791a6d49e6ce910556c1aefd10efff545d333e8efc1767350cf5f89f51217a7e0a
SSDEEP

6144:trGWR6WxfvPlAhyLXHFJYlEBVkg0s0/JgW+5d3+PpE2u1PiTfTClxS6:4AtvqMXjYEnU/eW+5UpY6/Ch

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2109ca7b60490060e0b1b5082eadad43

Files

2109ca7b60490060e0b1b5082eadad43
.exe windows:4 windows x86 arch:x86

71e4f4adfca14ccc551d2ab586fdcadd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetACP
ResumeThread
GlobalMemoryStatus
GlobalSize
WaitForSingleObject
GetUserDefaultLCID
GetSystemTime
VirtualProtect
GetCommandLineA
GetCurrentProcessId
HeapDestroy
GetModuleHandleA
FreeConsole
GetOEMCP
GetTapeStatus
HeapCreate
LoadLibraryA
InterlockedExchange
GetTimeFormatA
PeekConsoleInputA

user32

GetWindow
GetParent
DragDetect
SetForegroundWindow
GetCursorPos
GetFocus
FillRect
BeginPaint
DrawTextA
ShowWindow
ReleaseDC
AnyPopup
FrameRect
EndPaint
GetClassNameA
CreateIcon
GetTitleBarInfo
GetDC
wsprintfA

ntshrui

GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedA
IsFolderPrivateForUser
SetFolderPermissionsForSharing

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ