6d1f7d672446afc9cb323452c957c52be0649d02d199efb003d2f27a12ab73aa | Triage

Sharing

General

Target

6d1f7d672446afc9cb323452c957c52be0649d02d199efb003d2f27a12ab73aa
Size

38KB
MD5

7b815afee6bd2383fd0af361537dfd30
SHA1

999f2231862c49982841c71a37c09cba0ef68159
SHA256

6d1f7d672446afc9cb323452c957c52be0649d02d199efb003d2f27a12ab73aa
SHA512

716ca63c7843b4b7832c35c7b03028bf2d1a2773e0fdf39d60894a8bfc9297a93d1076cd84f92fbbdc931ed8b69a43cece1e4b2b11073ae022e26f951b2c1e89
SSDEEP

384:AVmrnehDKBaRHgDTiRDUg/4t16pQumWqc5Vsz81lUTNh1E:+/KBKgqZLO6iWKzk64

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d1f7d672446afc9cb323452c957c52be0649d02d199efb003d2f27a12ab73aa

Files

6d1f7d672446afc9cb323452c957c52be0649d02d199efb003d2f27a12ab73aa
.exe windows:5 windows x86

e2327f91b2a352c25a9a96a0c94a4be9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxW
LoadStringW

msvcrt

__lconv_init
memcpy
signal
_wcmdln
__winitenv
_initterm
_fpreset
_cexit
exit
__set_app_type
__wgetmainargs
_amsg_exit
__setusermatherr
malloc
memset

kernel32

InitializeCriticalSection
TlsGetValue
LeaveCriticalSection
GetLastError
EnterCriticalSection
DeleteCriticalSection
LoadLibraryW
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCurrentProcessId
Sleep
SetUnhandledExceptionFilter
GetProcAddress
lstrlenW
lstrcatW
GetSystemDirectoryW
GetStartupInfoW
GetModuleHandleW
GetCommandLineW
CreateProcessW
CloseHandle

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 328B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ