Static task
static1
Behavioral task
behavioral1
Sample
62e43e598a658bc541fb3b8c8e239202.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
62e43e598a658bc541fb3b8c8e239202.exe
Resource
win10v2004-20231215-en
General
Target
62e43e598a658bc541fb3b8c8e239202
Size
160KB
MD5
62e43e598a658bc541fb3b8c8e239202
SHA1
0bdd110715b66ce24061005b8e350fd88ace5ced
SHA256
868865f5c2805a410c95cf654774895d0a46a84a472acfab54b838710a4a618b
SHA512
74a3499c303daf166f2efc08e67035eeb5681858e7fb9a6dcbb4661809efcbe599816941c1c67fec9aa0689bbb93a710ca4c0f0526a347965b37cd1b4058abb8
SSDEEP
3072:ioaurTHuv2MMMMM2MMMMMo2w/GxKuN3SMlfK7pscTNY6L6tNilAlQr4ol6WRFHlk:i1uLMMMMM2MMMMMlsWKuxT8C+NYLHihU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 62e43e598a658bc541fb3b8c8e239202
Files
62e43e598a658bc541fb3b8c8e239202.exe windows:5 windows x86 arch:x86
9fae8aaac5f62b98fc764c2aff5abffb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
advapi32
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
kernel32
ExitProcess
GetModuleHandleA
GetStartupInfoA
SetErrorMode
GetCommandLineA
ReleaseMutex
CloseHandle
GetFileAttributesA
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryA
lstrlenA
WaitForSingleObject
CreateMutexA
lstrcmpiA
lstrcpyA
GetEnvironmentVariableA
GetVersionExA
IsDBCSLeadByte
lstrcpynA
GetModuleFileNameA
user32
FindWindowA
GetWindowThreadProcessId
SetForegroundWindow
SendMessageTimeoutA
LoadStringA
MessageBoxA
CharNextA
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 160B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ