dc157c6df29a854531bdae957db969c78a9e2684b9358f21b763957bee247a82N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dc157c6df29a854531bdae957db969c78a9e2684b9358f21b763957bee247a82N
Size

18KB
MD5

194e2a32584c81dbc766f49927da44a0
SHA1

4deeef3719394bb8e0dfcfe0b5b5aa470fa43965
SHA256

dc157c6df29a854531bdae957db969c78a9e2684b9358f21b763957bee247a82
SHA512

a62bc567f5ff904885403ca98212a9a45a42cb078a1bb64a6fef45376254251f44de1d3b6d31cce1996aaac2d07d4d2bbac69cd33bba90e79e3de2788328b7ac
SSDEEP

192:6a0JCMvKlikb6L0LGYh/DAyVZIHo+S9AhPpmC58d5n+/C329gm0bXREF:T0JDKLewLGy/PUIB+h0diKRl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc157c6df29a854531bdae957db969c78a9e2684b9358f21b763957bee247a82N

Files

dc157c6df29a854531bdae957db969c78a9e2684b9358f21b763957bee247a82N
.exe windows:4 windows x86 arch:x86

6e08fb9a1af0143196a4c9a626892a57

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
SetEvent
GetAtomNameA
LoadLibraryExA
TlsFree
HeapReAlloc
GetVersion
CompareFileTime
GetConsoleCP
WaitForSingleObject
HeapWalk
FindAtomA
lstrlenA
GetTickCount
GetProfileIntA
ResetEvent
GetACP
CloseHandle
GetModuleHandleA
VirtualProtect
GlobalUnlock

user32

UpdateWindow
CopyRect
SetPropA
ModifyMenuA
TranslateMessage
GetWindowLongA
SetWindowPos
InflateRect
PostQuitMessage
PostMessageA
DispatchMessageA
GetDlgItem
GetMenu
GetMenuStringA
GetParent
ScrollDC
DestroyMenu
InsertMenuA
GetScrollRange
EnableScrollBar
EqualRect
ShowWindow
DialogBoxParamA
GetSubMenu
SetSysColors
GetKeyboardLayout
MessageBoxA
GetWindowTextA
LoadIconA

msi

MsiDoActionA
MsiEnumClientsA
MsiEnumProductsA
MsiGetMode
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ