e1687c65763c638a4d32bbe237f6fd80242be60ab8aa4697fa66e5b6be055b33 | Triage

Sharing

General

Target

e1687c65763c638a4d32bbe237f6fd80242be60ab8aa4697fa66e5b6be055b33
Size

266KB
MD5

c6b317577b7a4bb08c72af49ab369539
SHA1

61c2d8f4c1484e97cb3aedb11a0072b8933b0eff
SHA256

e1687c65763c638a4d32bbe237f6fd80242be60ab8aa4697fa66e5b6be055b33
SHA512

f166a162491b56de139a33ae5b90dcdd47e433dbc67566ab1747ba497c5eb9e7a20723f04377809d01a10f48ec606fb9b670e8c39039fa12877a81390d69bffa
SSDEEP

6144:MYns1QTH7tc3J8GRCYff9/L/52cQu09lW/1Bu+Cs7NKOXql3ia:MCof8G8q9/L/52cQu09A/S+NfAia

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e1687c65763c638a4d32bbe237f6fd80242be60ab8aa4697fa66e5b6be055b33

Files

e1687c65763c638a4d32bbe237f6fd80242be60ab8aa4697fa66e5b6be055b33
.exe windows x86

c15deba87bdf113b51b3903e2c8c341d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree
ExitProcess
GetModuleHandleA

mfc42

ord4188

msvcrt

_controlfp

user32

FillRect

gdi32

GetBkColor

advapi32

RegCloseKey

comctl32

ImageList_EndDrag

ole32

OleInitialize

oleaut32

VariantClear

Sections

pec1
Size: 214KB - Virtual size: 808KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE