066b566041c984765d2d9cdfd6137295 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

066b566041c984765d2d9cdfd6137295
Size

155KB
MD5

066b566041c984765d2d9cdfd6137295
SHA1

224acf61873bc5bd2c8e7959c2b732df5f3b6fd5
SHA256

4f87064af61eb6d3ccf4dca472e1bb667d823203b6eaee31dcb0f6c3fd722dcd
SHA512

59e2edd5caa7a5725408afb80120d116ecc4ca89190b810bef647fb17dc954c0a55a0f109f2a7e676b1100f0d24d1db89add802ea649a70ce46fc403810897e7
SSDEEP

3072:tR8eyOuQJu/vzLkNTtFTYT+Wo5F9Przoayb7RVfNSwxzf/W:TL5Q/vzL8wT8xTCrfzr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
066b566041c984765d2d9cdfd6137295

Files

066b566041c984765d2d9cdfd6137295
.exe windows:5 windows x86 arch:x86

1d7440010c2627b6f52738f5092fec5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextA
SystemParametersInfoA
CopyRect
GetClassInfoExW
MessageBoxExA
SetWindowRgn
DialogBoxIndirectParamW
DrawIcon
CharLowerBuffW
CreateDialogParamW
RegisterWindowMessageW
TrackPopupMenuEx
LoadAcceleratorsA

kernel32

GetThreadTimes
lstrcmpA
ClearCommBreak
SetThreadExecutionState
CreateWaitableTimerW
GetLocalTime
OpenEventA

shlwapi

UrlGetPartA
StrToIntW

gdi32

PolyBezier
GetTextAlign
TextOutW
SelectObject
EnumFontFamiliesExW
GetTextExtentPoint32A

comdlg32

GetFileTitleW
PageSetupDlgW

Exports

Exports

?lm__yTJ_M@@YGPAJNK@Z
?f__HDY_PRLV@@YG_NG@Z
?NOPQQWYZLON_ndEDN_Q_@@YGPAXJ@Z

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 51KB - Virtual size: 382KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ