Transparent Windows[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

Transparent Windows.exe
Size

14KB
MD5

9ec1e791f291080b5cbdeedc88671b02
SHA1

28e41ca55b9a8842e2afca95b0392095c45e40fa
SHA256

88d43730e998ef2f8dc8b9f2b5114a8965f415ce8ff9272ca14e52548aa8a263
SHA512

46dc7c29f450c0311ae4b2dce0e83a10fc5642b27228e317835e79f3daf6597b41721a4e160e4eb3e99b8b863182a5939a917198b502627d6eac76b7d48ec999
SSDEEP

192:mYw7CNiu5LMaIScBqInHz+XgcRYp98p29EDjYDfjH/efJEPZVs2sSZnqzS6rk1k:mYwLuCalcBqI6XjRYksicfChEPnsUWem

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
Transparent Windows.exe

Files

Transparent Windows.exe
.exe windows:4 windows x86 arch:x86

4793589bba6f6bc45064957895a47099

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHBrowseForFolderA
SHGetPathFromIDListA

user32

MessageBoxA

kernel32

DeleteFileA
GetCommandLineA
FindFirstFileA
lstrlenA
lstrcpyA
lstrcatA
WriteFile
ReadFile
GetWindowsDirectoryA
GetSystemDirectoryA
GetStartupInfoA
GetModuleHandleA
GetModuleFileNameA
CloseHandle
CreateDirectoryA
CreateFileA
CreateProcessA
ExitProcess
GetFileSize

oleaut32

SysFreeString
SysAllocStringByteLen

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 786B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ