a265e067145192f5581947d243b62b9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a265e067145192f5581947d243b62b9c
Size

148KB
MD5

a265e067145192f5581947d243b62b9c
SHA1

dd416bd32927af383932081034fb54ea276d8191
SHA256

c6e83e45847d53e8967d74c61214834d673808339a62a4c8e59df32a47f7528a
SHA512

886a45e98eeb1f23eca3b08b0a8e3d51e1c316bb4fd25b1db047121552f28e302b94f30ae9f014f3a262eb1cfe38f8ac481e5ecd1a64b59e4a5a5d462a7d5faa
SSDEEP

3072:jR4VPnzEo4yXkcV0cMkTUQeljJatTumpAikZ6J:V4aoRFMDaZu1pZ6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a265e067145192f5581947d243b62b9c

Files

a265e067145192f5581947d243b62b9c
.exe windows:4 windows x86 arch:x86

4af7b28c9773b8a22744e6cedf21731a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA
SHGetFolderPathA
SHFileOperationA

kernel32

IsBadReadPtr
lstrlenA
LoadLibraryA
ExitThread
ExitProcess
GetCommandLineW
GetLastError
GetModuleHandleA
GetVersionExA
GetModuleHandleW
GetProcAddress
VirtualAlloc
lstrlenW
LoadLibraryExA

user32

CharLowerBuffA
CharToOemA
CallWindowProcA
CallNextHookEx
CharNextW
CharNextA
AdjustWindowRectEx
CharLowerA
BeginPaint
CharUpperBuffA

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 477B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 970B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ