063b788038703712736b5e09f12a0af7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

063b788038703712736b5e09f12a0af7
Size

751KB
MD5

063b788038703712736b5e09f12a0af7
SHA1

0cf832354a79057b48a4be1e1aa714202e2682bd
SHA256

bcaf858ba46a758ed2c64505b60e9dcf40d88e8561bd590c93b1cd7ba675f7c4
SHA512

ba0b8cf15a61d2fd1b489fc9febde753343cba76afa04682e13e04f66967dc5404f9a061c6dbc0f1c03bf0a5992587ab93121790bbbac5f7c7dd86e5d63350ed
SSDEEP

12288:5CY8H58I6TVtx+2kKtPh/4qZDiv+HQ7CQZS9LQVD/rJeIQpkm9Nfb6XxLcPL:5h258Tx+1KtPhDICQMaHi5fWU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
063b788038703712736b5e09f12a0af7

Files

063b788038703712736b5e09f12a0af7
.exe windows:4 windows x86 arch:x86

b3e9ce629876e82f766f6ebf20503fc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
WaitForMultipleObjects
GetFileAttributesA
ResetEvent
HeapSize
GetStdHandle
GetCurrentDirectoryA
WaitForSingleObject
SetLastError
CloseHandle
GetEnvironmentVariableW
FindClose
Sleep
GetStartupInfoW
HeapCreate
DeleteFileA
ExitProcess
GetConsoleTitleW
OpenProcess
CreateFileA
GetModuleHandleA
RemoveDirectoryA
GetTickCount
GetCommandLineW
GetLocalTime

user32

GetSysColor
FindWindowW
DispatchMessageW
CallWindowProcW
DispatchMessageW
GetDC
GetWindowLongA
GetDC
FillRect
GetClassInfoA
MessageBoxA
PeekMessageA
GetDC

vbajet32

VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv
VBAGetExprSrv

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ