0998d9a19f0405001758994e4aa09028bc2667ce91423a2e57cd23cd9bb2f3b5[.]exe | Triage

Sharing

General

Target

0998d9a19f0405001758994e4aa09028bc2667ce91423a2e57cd23cd9bb2f3b5.exe
Size

187KB
MD5

43442a194efe5da915a27ca5fee56acd
SHA1

d502bfe2fe033e0710c3efcf0d25fb18d30e3d4f
SHA256

0998d9a19f0405001758994e4aa09028bc2667ce91423a2e57cd23cd9bb2f3b5
SHA512

fd82e85cf4f475d7ff38dc120c26034b65b07eb353ce608aefe0a35ba3af6f340a41e15d4cc02ae1fb8c011098d13bde911696c79f87e17ebfd7ffff3fbf66cb
SSDEEP

3072:fb9fR6vPhkm9gDdMM9T4wYkgVGIeuK9RWZBmVPKCuoyHS:fb9J6BkDdMMCwYkgwbu2VVPnuoUS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0998d9a19f0405001758994e4aa09028bc2667ce91423a2e57cd23cd9bb2f3b5.exe

Files

0998d9a19f0405001758994e4aa09028bc2667ce91423a2e57cd23cd9bb2f3b5.exe
.exe windows:4 windows x86 arch:x86

288b1b3e94b32e63e7622866cb9f03a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowRect
UnregisterClassA
MoveWindow
CharNextA
GetActiveWindow
EndPaint
EqualRect
LoadAcceleratorsA
BeginPaint
OffsetRect
SetDlgItemTextA
DestroyWindow
PtInRect
IntersectRect
GetDlgItem
SetWindowLongA
SetWindowRgn
GetDC
DefWindowProcA
ReleaseDC
GetKeyState
SetFocus
SetParent

clusapi

CloseCluster

kernel32

GetLongPathNameW
InterlockedIncrement
GetProcAddress
LoadLibraryA
InitializeCriticalSection
GetFileAttributesA
SetThreadContext
lstrcpynA
EnumResourceNamesA
DeleteCriticalSection
DisableThreadLibraryCalls
GetModuleFileNameA
ExitProcess
InterlockedDecrement
MultiByteToWideChar
GetWindowsDirectoryA
GetVersion
GetLocaleInfoA

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ