696b2374ef2ff5564406f1722f31758fb7b6bd30c3e046b628ab8126a7d06c8e | Triage

Sharing

General

Target

696b2374ef2ff5564406f1722f31758fb7b6bd30c3e046b628ab8126a7d06c8e
Size

12.0MB
MD5

8caceb5caa0779ebb2c9767a1e0d5e80
SHA1

385e4b0570b66ef9ba8001f3224693cc0bfd1d54
SHA256

696b2374ef2ff5564406f1722f31758fb7b6bd30c3e046b628ab8126a7d06c8e
SHA512

a7d0064e08ffe1a73e772c04ee5121100f339ff7e8acbd39c497d18fabcbbed362dd41691f69f1898a171a04bcb2e5565fbb979f4ffb500b94e9bda53d1d77f8
SSDEEP

1536:IXKMn8zcQzaBCAXdEWp2xcR+R9ARBYNDW72RS1qziipd1f55iDV9V:ov0KTd3p2xcgrA4NS6jzTjyh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
696b2374ef2ff5564406f1722f31758fb7b6bd30c3e046b628ab8126a7d06c8e

Files

696b2374ef2ff5564406f1722f31758fb7b6bd30c3e046b628ab8126a7d06c8e
.exe windows:4 windows x86

76936fb1f61f470ac62278db5521a61f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

PeekMessageW
wsprintfW
GetClassLongW
InsertMenuW
CharUpperA
DrawStateA
PostMessageA
LoadMenuW
IsWindow
GetDlgItemTextA
LoadImageA

advapi32

RegDeleteKeyW
OpenServiceA
RegLoadKeyA
RegCreateKeyExA
RegSaveKeyW
RegReplaceKeyW
LogonUserA
RegUnLoadKeyW
RegDeleteValueA
ClearEventLogW

kernel32

lstrcmpA
GetCommandLineW
FileTimeToSystemTime
ReadConsoleW
GetEnvironmentVariableW
GetConsoleTitleA
FindFirstFileA
LoadLibraryA
GetFileType
WaitForSingleObject
GetProcAddress
CloseHandle
GlobalAddAtomW
CreateMutexA
GetModuleHandleA
FindNextFileW
DefineDosDeviceA

resutils

ResUtilGetBinaryValue
ClusWorkerTerminate
ResUtilDupString

Sections

.text
Size: 50KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rlc
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 11.9MB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ