c92550b8868dde3fb0a66778915eb64d | Triage

Sharing

General

Target

c92550b8868dde3fb0a66778915eb64d
Size

510KB
MD5

c92550b8868dde3fb0a66778915eb64d
SHA1

784e89b92abcf4d1660a7bcceecd3dd55664d9fa
SHA256

786527fe704a8e6bd46feb0017a1086fb0924a3f88ae44ef3d0036e5362667bd
SHA512

ddd6942eab8ac3f7bf59e7d2e3c858dcf51acb8c485d4e556a21c1279833697568717d9f14fdea21e6ccfd475090f6bdf2b8b7f88cf3137b38f0cb595999df09
SSDEEP

12288:kHE2CDgSSVskd4s21RHJSfwexPSUs1H9Zqv:7PDXSVspuDX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c92550b8868dde3fb0a66778915eb64d

Files

c92550b8868dde3fb0a66778915eb64d
.exe windows:4 windows x86 arch:x86

1e811d895699b6931856ba29571231ff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAlloc
GlobalFree
CreateFileA
GetFileSize
SetFilePointer
ReadFile
CloseHandle
GetProcAddress
LoadLibraryA
GetModuleFileNameA
GetModuleHandleA
GetThreadContext
SetThreadContext
Process32First
GetCurrentThread
Process32Next
CreateToolhelp32Snapshot

Sections

.text
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 864B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.rdata
.rsrc/DIALOG/102
.rsrc/DIALOG/105
.rsrc/DIALOG/106
.rsrc/DIALOG/107
.rsrc/DIALOG/111
.rsrc/GROUP_ICON/103
.rsrc/ICON/1.ico
.rsrc/ICON/2.ico
.rsrc/ICON/3.ico
.rsrc/ICON/4.ico
.rsrc/ICON/5.ico
.rsrc/ICON/6.ico
.rsrc/ICON/7.ico
.rsrc/ICON/8.ico
.rsrc/MANIFEST/1
.xml
.text