7631133cb60d8ac434a560e204d092c243507605f253dc9a3af3dbd1e9fb1ffd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7631133cb60d8ac434a560e204d092c243507605f253dc9a3af3dbd1e9fb1ffd
Size

5.9MB
MD5

4c3c5f21aaa1a03bbc93e2683db05743
SHA1

06891f609a42703a23007854cdb5a065052771d5
SHA256

7631133cb60d8ac434a560e204d092c243507605f253dc9a3af3dbd1e9fb1ffd
SHA512

4d0108e1e4730da58dd9bcdd74c2b45a967c78691fa704f6a3f1c674b0856ae64a634e9c47bcc49b4838ae391f7bf1e4679d78a175f46f83596f182dcab20fba
SSDEEP

98304:jxstiB7oaUu4Lab7qXOUtaJBfjM71ReZXAbnIy+fp+NKCOXePXx3rA:SIM3LabIkIZ0J4nIy+fp+ALXep

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7631133cb60d8ac434a560e204d092c243507605f253dc9a3af3dbd1e9fb1ffd

Files

7631133cb60d8ac434a560e204d092c243507605f253dc9a3af3dbd1e9fb1ffd
.exe windows x86

d94db63cb1c770dd5bc2d9e990bfacb4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

ole32

CoInitialize

wtsapi32

WTSSendMessageW

user32

GetProcessWindowStation
GetProcessWindowStation
GetUserObjectInformationW

Sections

.vmp1
Size: 5.6MB - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 251KB - Virtual size: 250KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE