06c1a7e9c6b1a0124c408a8c9ca3719a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06c1a7e9c6b1a0124c408a8c9ca3719a
Size

36KB
MD5

06c1a7e9c6b1a0124c408a8c9ca3719a
SHA1

39a6edbd61591d1711f17ab121ae1e4d9c15d906
SHA256

41a02ac464c182ff4f10891b540aa0ab634cb14a6a1439d3b2ba316e63547387
SHA512

bb36fd9d744a39d01aced89cd740ff115698f6ce630cbe9093f608c4630d9efa2d5715fbfdbd5b5020e76d39131c7285fdd0b5b456ed8e32b36e818bf622fba2
SSDEEP

768:mqzWin7QG9ZYzbHvex2YjSupN2My8ATV627RN0D:mqLybPe1vN2My80V627/C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06c1a7e9c6b1a0124c408a8c9ca3719a

Files

06c1a7e9c6b1a0124c408a8c9ca3719a
.exe windows:4 windows x86 arch:x86

61dd51cc4f111721375c46c2b9e0f8e3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

cfgmgr32

CM_Reenumerate_DevNode

setupapi

SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo

kernel32

CreateFileA
GetPrivateProfileIntA
GetStartupInfoA
DeviceIoControl
Sleep
GetWindowsDirectoryA
CloseHandle
GetPrivateProfileStringA
LoadLibraryA
FreeLibrary
GetModuleHandleA
WaitForMultipleObjects
CreateThread

user32

FindWindowA
DispatchMessageA
GetMessageA
CreateWindowExA
RegisterClassExA
PostQuitMessage
DefWindowProcA

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

msvcrt

__setusermatherr
_onexit
_exit
free
_controlfp
_except_handler3
__set_app_type
__p__fmode
_strcmpi
__p__commode
??2@YAPAXI@Z
_errno
_adjust_fdiv
malloc
__dllonexit
_initterm
_XcptFilter
exit
_acmdln
__getmainargs

wsock32

socket
__WSAFDIsSet
select
accept
listen
bind
recv
htons
WSAStartup
send
WSACleanup
closesocket

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE