0010d605a2b60643537771dd074b5c2a | Triage

Sharing

General

Target

0010d605a2b60643537771dd074b5c2a
Size

41KB
MD5

0010d605a2b60643537771dd074b5c2a
SHA1

5708a81e0913b25cdb54533b7dc2624d7f406970
SHA256

eaf16c83903d08dec85e36e209ecce8d7f42336ba3ee4cc7ac7cbe3babb58584
SHA512

9b6affd23630e1c780fb153287ed759e2b5ece115f09503590b2e22a3f7ad2254b40b4011eb8719392b99ca81b4e366f972382ddf527ec88ec7afdb77fcc13d8
SSDEEP

768:mizpD3PghHbXpP9+3A/Cmmco1eaCxH9l+8cDqIKn5iqJ87Mi:mizpDgvPUQK/coB69l5KO5iqJcMi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0010d605a2b60643537771dd074b5c2a

Files

0010d605a2b60643537771dd074b5c2a
.exe windows:4 windows x86 arch:x86

2d678cd6482486fe5a2181c3f2f2a7be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
ExitProcess
FatalAppExitA
FindResourceA
GetACP
GetCommandLineA
GetCurrentThreadId
GetFileType
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetSystemTimeAsFileTime
GetVersion
HeapAlloc
HeapCreate
HeapReAlloc
HeapSize
IsValidCodePage
IsValidLocale
LeaveCriticalSection
MultiByteToWideChar
QueryPerformanceCounter
ReadFile
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
TlsGetValue
lstrcatA
lstrcpynA
lstrlenW

msvcrt

__p__commode
__set_app_type
exit
fwprintf
setlocale
wcscpy
__getmainargs

user32

DestroyIcon
FindWindowA
GetUpdateRgn
ReleaseDC
UpdateWindow

winmm

mmioGetInfo
mmioRenameA
mmioSeek
timeGetTime
waveOutGetNumDevs
mmioAdvance

Exports

Exports

TTF_ByteSwappedUNICODE

Sections

.text
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ