Static task: static1
Behavioral task: behavioral1
Sample: 9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548.exe
Resource: win10v2004-20240508-en
General
Target: 9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548
Size: 27KB
MD5: 1cf14d5c289f24d4ec310caaa6c34c9c
SHA1: f3393711a3c62e3cd429a63ca577b0b6114f7d3d
SHA256: 9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548
SHA512: 3ab8e0ef106bfcbbedb6500832cb2d4b3b8d7835a11d32896851e7522100def9711384296a33b22a06f37ac47121bff4c15d2beb0c9fddfeab7888860cbcd5b6
SSDEEP: 384:ctz3+pmuMgm4PHgTfhl1IBxRlHzZN2zVqOTqxz:6zQMQWlqBxRlHzZN2zA1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548
Files
9b04c19ee016a43af0edfb82d78a4a690e3f018e0a23d36ec25bd564f2074548.exe windows:4 windows x86 arch:x86
e3ba6c037c9f90379e6d8a4d6f1fe2f5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetWindowTextW
SetCapture
GetActiveWindow
IsChild
SendMessageA
MessageBoxA
DefWindowProcA
TrackPopupMenu
LoadBitmapA
TranslateMessage
DispatchMessageA
GetMessageA
PostQuitMessage
ShowWindow
UpdateWindow
FlashWindowEx
GetKeyState
TranslateAcceleratorA
RegisterClassA
CreateWindowExA
GetDlgItemTextA
kernel32
HeapAlloc
GetModuleHandleA
HeapCreate
CloseHandle
ExitProcess
Sections
.text Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.htext Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE