106e3d8a593aa422522d53d1e2bcd2f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

106e3d8a593aa422522d53d1e2bcd2f8
Size

267KB
MD5

106e3d8a593aa422522d53d1e2bcd2f8
SHA1

cb418da05c0642222a98886272a9e33b3a49b618
SHA256

45abb256f32677395a2ad3a8e2fc458578320171716262b9e766c9b03f957550
SHA512

1f702fc36c41923bba34347df3a70f0201381dca7ae9a045850117a9613e5728d4bfad25ff3b804e7f53584e8971afb5fa25820b9acc0237c05bfa0fdebf29af
SSDEEP

6144:n85mNWJAn44mTQQcrXZ+RwmBpOoffttYE+1cpYp:k/TQQcrX0Rwm3BF7dp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
106e3d8a593aa422522d53d1e2bcd2f8

Files

106e3d8a593aa422522d53d1e2bcd2f8
.exe windows:4 windows x86 arch:x86

3db7aeed7cf9a65c38001de44f39e2d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
HeapAlloc
HeapCreate
SetLastError
TlsAlloc
QueryPerformanceCounter
HeapReAlloc
VirtualFree
GetCurrentProcessId
IsBadWritePtr
EnumSystemLanguageGroupsW
HeapDestroy
GetWriteWatch
VirtualAlloc
GetSystemTimeAsFileTime
VirtualQuery
TlsFree

oleacc

CreateStdAccessibleObject
AccessibleChildren

shlwapi

PathAddBackslashW

user32

DestroyIcon
SetWindowTextA
LoadImageA
CreateWindowExA
GetDlgItem
GetWindow
LoadStringA
GetParent

winmm

mciSendCommandA

shell32

SHChangeNotify
SHGetMalloc
SHGetPathFromIDListW

Sections

.text
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 141KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ