e224ea9e0909944f2627b3333bd7ce99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e224ea9e0909944f2627b3333bd7ce99
Size

18KB
MD5

e224ea9e0909944f2627b3333bd7ce99
SHA1

63a7b88ea4e16fa81eb73836b2450002fbba3dfd
SHA256

2b1eb14be52a64fca833f7109ac861c25a089ff223176e06efa933bcdb7048bc
SHA512

c581d9b7a1ed811235c7ff4de1dc985d1b969f535365043172dc9ea3dd647c9b6bb24d5b8387d5fdfbe657a21f9a828885cdba71ea33b62ac370b92d05748da5
SSDEEP

384:8nKrHxvCLn29BP/nWHu9xA4hbD/oh4HHHDnnnR7RRRRRRRRRDRRRRRRR:yiHxvAnKBP/nZx/hQ4HHH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e224ea9e0909944f2627b3333bd7ce99

Files

e224ea9e0909944f2627b3333bd7ce99
.exe windows:4 windows x86 arch:x86

2fad65c6df6a022a7736ae25fd692e44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapReAlloc
LoadLibraryA
WaitForSingleObject
GlobalUnlock
VirtualProtect
GetACP
CloseHandle
CompareFileTime
lstrlenA
GetVersion
InterlockedExchange
GetConsoleCP
TlsFree
GetAtomNameA
GetTickCount
TlsGetValue
GetStdHandle
GetModuleHandleA
GetProfileIntA
HeapWalk
FindAtomA

user32

PaintDesktop
GetScrollRange
GetMenu
CreateCaret
SetPropA
ShowWindow
InsertMenuA
SetWindowPos
GetWindowTextA
EqualRect
DialogBoxParamA
UpdateWindow
GetMenuStringA
PostMessageA
InflateRect
PostQuitMessage
SubtractRect
MessageBoxA
CopyRect
ModifyMenuA
GetKeyboardLayout
GetDlgItem
TranslateMessage
GetSubMenu
DestroyMenu
EnableScrollBar
LoadIconA
DispatchMessageA

msi

MsiDoActionA
MsiCloseHandle
MsiEnumClientsA
MsiGetMode
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ