2203cac8427b397095ec760dffedbf92 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2203cac8427b397095ec760dffedbf92
Size

58KB
MD5

2203cac8427b397095ec760dffedbf92
SHA1

c92f8cb689fe83f49b747124a89023b10f69ad06
SHA256

91c1f7a59207b0cc1f4c03f33444268dc856a975da97d63d0e3bc8c79c1e7eee
SHA512

41cbbd89ab06c4dd56473aec27fddd2cbeaad80f71fb8c10eacfef2d13d892cb345368e42a9eb840c9418b90a9a76d522158f3555814841ed3ee560904ff4642
SSDEEP

768:BIa5vLifkkolo3ETHUs/Tz5GAgiqAhuGwe+dT0/j+ogxLxoCFZEClCytCw+Bw/f/:7th+Uos/pdhhfQdTwKxoCbEClXCkB+Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2203cac8427b397095ec760dffedbf92

Files

2203cac8427b397095ec760dffedbf92
.exe windows:4 windows x86 arch:x86

233d43c85d3e6d8c909589d1c7274413

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetCursor
LoadImageA
GetMessageA
DrawTextA

kernel32

SetEndOfFile
lstrcmpA
WriteFile
VirtualAlloc
TlsSetValue
EnterCriticalSection
EnumResourceLanguagesA
EnumResourceNamesA
GetModuleHandleA
GetStartupInfoA
LoadLibraryA
Sleep

ole32

CoInitializeSecurity
OleCreateLink
WriteClassStg
CoGetCurrentProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

code
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE