90393edaf9c852a29a8e357ab0a8f84176aea96a87823470cbb4cebb061b1313 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

90393edaf9c852a29a8e357ab0a8f84176aea96a87823470cbb4cebb061b1313
Size

146KB
MD5

37ae0f32ab119f7c1f8ece1c149502f2
SHA1

bf47367b1f0f90ad0b500c790da9188231d6e0b2
SHA256

90393edaf9c852a29a8e357ab0a8f84176aea96a87823470cbb4cebb061b1313
SHA512

114972c642651b14f46425a00b2288767fcc9a41043987c0dfd731f29a0384fd995c2b8574e1b459440462528bb17dedec102fc81b50f60749688eca821bbb2c
SSDEEP

3072:PAOEwLB1ZLQnNMGlhyxNZ1it40Ei+Enz0FUL91IEQq3aJOo5PV46wI:REY11GaGl0PZot40EMnz0OHISKJOp6wI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
90393edaf9c852a29a8e357ab0a8f84176aea96a87823470cbb4cebb061b1313

Files

90393edaf9c852a29a8e357ab0a8f84176aea96a87823470cbb4cebb061b1313
.exe windows:4 windows x86 arch:x86

c7858ae94b2f73eae27b248cd4d2b1e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegQueryValueExW

user32

EnumDisplaySettingsW

clusapi

CloseCluster

comctl32

InitCommonControlsEx

shell32

ShellExecuteW

kernel32

Sleep
TerminateThread
GetCurrentProcessId
InterlockedExchange
CreateIoCompletionPort
InterlockedCompareExchange
IsDebuggerPresent
QueryPerformanceCounter
GetTickCount
GetStartupInfoW
EnumResourceNamesW
ExitProcess
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcess

Sections

.text
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1012B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rscr
Size: 512B - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ