06c2cb06432733504d7325dca32df28c | Triage

Sharing

General

Target

06c2cb06432733504d7325dca32df28c
Size

150KB
MD5

06c2cb06432733504d7325dca32df28c
SHA1

516bc049d10dda3e595d7880c4ee55d080554b74
SHA256

25c3bac120214ee17a8b9e147c1a71751b981ae15e86b1eaf845a4b7a6c43991
SHA512

aa6db3df4b79b726275867701b74784bfd7fe2794f4be6d93d022be00baddcf0859ef13b048fb2a080d001fc011c4527ffb2c99be6175325b70c2ea580904a28
SSDEEP

3072:go1fG2XeEIKWzCwJOYrqRsH30vt0r70CuCgEfe6dR/D1sAS0ynHT:gyfG2hqJR2JmoTtEfec/D1ihz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c2cb06432733504d7325dca32df28c

Files

06c2cb06432733504d7325dca32df28c
.exe windows:4 windows x86 arch:x86

cd30613517b353fdfecc540549298f70

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

UnregisterWaitEx
LoadLibraryExA
GetStartupInfoA
GetBinaryTypeA
RegisterWaitForSingleObjectEx
EnumCalendarInfoExA
ExitThread
CreateEventA
GetCurrentProcessId
DnsHostnameToComputerNameA
GetModuleHandleA
FindFirstFileExA

user32

CopyAcceleratorTableW
PtInRect
DragDetect
SetWindowsHookExA
ToAscii
AnimateWindow
BeginDeferWindowPos
ClipCursor
GetNextDlgGroupItem
VkKeyScanExA
SystemParametersInfoW
InSendMessage
WaitMessage
FlashWindowEx

msvcrt

_acmdln
__setusermatherr
exit
_initterm
memcpy
__p__fmode
_except_handler3
__getmainargs
__set_app_type
_adjust_fdiv
_exit
_controlfp
_XcptFilter
__p__commode

Sections

.text
Size: 91KB - Virtual size: 90KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ