064c245cd1b3e24240e419be46c4b5a0 | Triage

Sharing

General

Target

064c245cd1b3e24240e419be46c4b5a0
Size

106KB
MD5

064c245cd1b3e24240e419be46c4b5a0
SHA1

4a2f0a1eaee759dcfa91d4d60753adb1508423f1
SHA256

41aa49ebaad065038d298100aac7014e96eeae3b3fdd28271e8dc900d7d63158
SHA512

9dcc8f62d4641c728e1e80f3fbbd82e36b178c61b41df70616d35c4b08d93e491d69324c3c5f16a5d25c5f6fd18f7d18db03917f4a902971e258f6ac17fed1c1
SSDEEP

3072:l1RofhzCGmkLvN0ABcoMolb1Xd1HsFIzN8C3:l1+mkB08Wol5t1Huk8C3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
064c245cd1b3e24240e419be46c4b5a0

Files

064c245cd1b3e24240e419be46c4b5a0
.exe windows:5 windows x86 arch:x86

0939b2c441994b35067ad60c5b140084

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathGetArgsA

user32

DrawFocusRect
DeferWindowPos
WaitMessage
DestroyMenu
GetDesktopWindow
GetWindowTextA
ReplyMessage
GetMonitorInfoW
GetMenu
DestroyCursor
LoadIconA
ShowOwnedPopups
DrawStateA

gdi32

BeginPath
CreateBitmap
SelectClipRgn
EnumFontsW
ExtTextOutA

kernel32

GetUserDefaultLCID
ExitThread
WriteFile
SystemTimeToFileTime
GetWindowsDirectoryW
GetCurrentProcessId
lstrlenW
DeleteFileW
CreateWaitableTimerA

comctl32

CreateToolbarEx
ImageList_Remove

Exports

Exports

?u_NTWEHYVRKDNB_@@YGKPAHPAG@Z
?_J__FGAgjsyfcbfzTUG@@YGPAXPAHE
?yopnrFQ_@@YGXKD@Z
?e_ofsXU_@@YGJPAG@Z
?mbmvetwngs@@YGXPAEE@Z
?RLDUMJ_KYvO@@YGJG@Z
?vuo_a__ia_vfksoFVAN_VJ@@YGXPAG

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.code
Size: 1024B - Virtual size: 820B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 249KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ