0f663139fc28c2a6f5cdd027b678840d | Triage

Sharing

General

Target

0f663139fc28c2a6f5cdd027b678840d
Size

143KB
MD5

0f663139fc28c2a6f5cdd027b678840d
SHA1

b72d30e1fe12b5a821f26e67213e84ff84c58ddf
SHA256

e45c9347a16e9a592b8cab15925576a81cbf97c3a118bb7be5a91d114e8d10a8
SHA512

7bce304ca10bf965602a7a3a027862935bdec1a72aed085146dc579ab2a874cfc385f649a9d52dac099e8349b6d67394b472b086adbf45ab76f0da524d1ea032
SSDEEP

3072:u+P1TyJsqsK25B8MpVJ9+o70vAj6SADAHNnl7mTqRmuQ:RdrsMZC/lSnl7MqU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f663139fc28c2a6f5cdd027b678840d

Files

0f663139fc28c2a6f5cdd027b678840d
.exe windows:5 windows x86 arch:x86

fcd1fbda634e2b1157ad2e6649875ea5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetProcAddress
GetStringTypeW
CreateNamedPipeW
AttachConsole
LoadLibraryA
SizeofResource

user32

GetMenuState
SetPropA

gdi32

BitBlt
CreateCompatibleDC

advapi32

LsaFreeMemory

Exports

Exports

idglugotzwp
quloirlpe
qyerdrwdzzl

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 448B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 456B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ