Static task
static1
Behavioral task
behavioral1
Sample: 522c809792dee1e14e52a5aa2c3de093.exe
Resource: win7-20231129-en
Behavioral task
behavioral2
Sample: 522c809792dee1e14e52a5aa2c3de093.exe
Resource: win10v2004-20231215-en
General
Target: 522c809792dee1e14e52a5aa2c3de093
Size: 24KB
MD5: 522c809792dee1e14e52a5aa2c3de093
SHA1: ffcc05889846eea9cbe09108cb39a95e4db52dd9
SHA256: 10279d39131f578f70dec583a153154bda10ab1fbb3a2a6a2031822a5c890b1d
SHA512: 3f2c9d4aba3dd777cc434b20568306b5fb4c1f8857bb48ab70984c3d237bdfea4835dfa4cc74edf714d0116d3fcf6241dd19bc744052b596f95fd8b3406e9644
SSDEEP: 384:KBld9/Li7E2hboOp99mmyIL80vmjL87Aa0hU4L9YNO5yNqkPL+DkEXeX:KBj9Gw2eOpBFL8UmjL87z0hlZOqka3XY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 522c809792dee1e14e52a5aa2c3de093
Files
522c809792dee1e14e52a5aa2c3de093.exe windows:1 windows x86 arch:x86
157b6b6b2d3b833400a9d1a156399a84
Headers
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Imports
user32
  CopyImage
  ChangeMenuW
  CallMsgFilterW
  CreateMenu
shell32
  Control_RunDLLW
  StrRStrA
  SHFileOperation
  SHEmptyRecycleBinA
  SHFileOperation
  SHGetDesktopFolder
  RealShellExecuteExW
gdi32
  GetDeviceCaps
  FloodFill
  PathToRegion
  PtInRegion
  GdiStartDocEMF
  RectInRegion
  PolyPatBlt
  GetTextColor
  GetPixelFormat
Sections
.text Size: 2KB - Virtual size: 3KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 3KB
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.idata Size: 20KB - Virtual size: 20KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE