22911649493eb945a28b4f27e56cbaee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

22911649493eb945a28b4f27e56cbaee
Size

416KB
MD5

22911649493eb945a28b4f27e56cbaee
SHA1

51e469c16943586c43e23c357e6e111e24cd2832
SHA256

e5f0e25fa9125d481eb8f9facdfc5c4e4708d1f766ae72d913fb2817823b86d8
SHA512

fb762a17f5a44675e4589ef329d37d01f762a42585161555ce6a5b5cf946e16e93d95d40be79ae0fef7cbecb53ed2d0388a05e0a74bce97a840a6c5c7bebd51f
SSDEEP

6144:a4SOUyVHHYqXc3+OwrJcMjp/G8c2EW/Rt0O2GkBEsc6QEiVarkx/Uw/VJwNZJ5Pv:aqJcRMl/GF2EW/Rt2nEp6FXujNCNFGk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22911649493eb945a28b4f27e56cbaee

Files

22911649493eb945a28b4f27e56cbaee
.exe windows:4 windows x86 arch:x86

51f528638084318d5552f9b372ebe7f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

SetupIterateCabinetW

ole32

CoUninitialize
CoInitializeEx

shell32

ShellExecuteW
ShellExecuteExW

user32

MessageBoxW
wsprintfW

kernel32

GetCommandLineW
CreateFileW
GetModuleFileNameW
LoadLibraryA
WriteFile
lstrcpyW
DeleteFileW
GetExitCodeProcess
CloseHandle
LoadResource
GetProcAddress
SetEnvironmentVariableW
LockResource
GetStartupInfoW
ExitProcess
WaitForSingleObject
GetTempPathW
SizeofResource
FindResourceW
GetLastError
FreeLibrary
GetModuleHandleW

Sections

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 503KB - Virtual size: 503KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ