96183a78118f0dc50f18dfa4c69f2ea0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96183a78118f0dc50f18dfa4c69f2ea0
Size

51KB
MD5

96183a78118f0dc50f18dfa4c69f2ea0
SHA1

2b15973d36f0796fbf0836fb5083d3074087c219
SHA256

9d324770e61459a1f6e0fe8d1361e024c2d6f89d6fe34e64d9612df10c11805e
SHA512

dfbd4fcb72e3af30b275552d17b710ff9d693dc04adf5577649b78c017cb8330dab1ef8375c008db28d12386191ebf8d91398ccdec9cdcb581bd09e75da90181
SSDEEP

1536:PPLsykwcMkAzROARh6uYdxj5SvzgWkjXUTLgk1/K:ewcMkAzRpRMj5SvDkjX0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96183a78118f0dc50f18dfa4c69f2ea0

Files

96183a78118f0dc50f18dfa4c69f2ea0
.exe windows:4 windows x86 arch:x86

fa7538246e273ab5e68792bccd7a8cdc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
ContinueDebugEvent
ExitProcess
GetCompressedFileSizeW
GetStartupInfoA
GetTapeParameters
GlobalCompact
LoadLibraryExA
Process32Next

advapi32

BuildTrusteeWithSidA
CryptDecrypt
CryptEnumProviderTypesW
CryptExportKey
CryptSetProviderA
CryptSetProviderExW
GetAce
GetTrusteeNameA
ImpersonateNamedPipeClient
NotifyBootConfigStatus
OpenSCManagerW
RegEnumKeyExW
RegQueryInfoKeyW

user32

BroadcastSystemMessageW
CallWindowProcA
DdeQueryConvInfo
DefDlgProcW
DrawFocusRect
FindWindowExA
GetSysColorBrush
IsWindowUnicode
SendMessageTimeoutA
SetScrollPos
ShowWindow
TileChildWindows

shell32

DuplicateIcon
ExtractIconResInfoA
PrintersGetCommand_RunDLLA
SHBrowseForFolderA
SHUpdateRecycleBinIcon
Shell_NotifyIconA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE