62fa1405e525ecd6dedf9c3177420259 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

62fa1405e525ecd6dedf9c3177420259
Size

225KB
MD5

62fa1405e525ecd6dedf9c3177420259
SHA1

01d3e19ed31f751d00a792a058f2283401ceed5f
SHA256

5eeba18ea6792182eb063bd61e88bf283a9830dde32c850e5c829c6401b2067c
SHA512

55b9d6aeb452646472525c57f53c7df56252b9a751231f6df21b90cb52fc3c2a14cfbbfa30e106bd0374e61a393c7becf301b258b8c493d09ed58ba69b117ff7
SSDEEP

3072:wVYgePfC5j72D5s7lWtx+MuOBo/GCiUU7EI5P:QYgafC5j74SxWluOBsGCvU7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
62fa1405e525ecd6dedf9c3177420259

Files

62fa1405e525ecd6dedf9c3177420259
.exe windows:4 windows x86 arch:x86

d32b66c99b5a7f0399826f461cb333bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetThreadLocale
VirtualAlloc
ExitProcess
LoadLibraryA
VirtualAllocEx
WaitForSingleObject
VirtualFree

advapi32

RegOpenKeyA
RegQueryValueExA
GetUserNameA

user32

GetTopWindow
GetMenu
SetWindowLongW
IsCharLowerA
SetWindowPlacement
SetWindowTextA
CreateMenu

comctl32

ImageList_DrawEx
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_Write
ImageList_Read
ImageList_Draw
ImageList_Add
ImageList_Create

Exports

Exports

gvlobaA90LKrr
_KQWCkqDIWb6m@24
YrNk5sZW4Kj
7wj9E@20
_zP7p_Nr@20
_awLeCft1RB@4
_XBBwDb0RVj
UvQrlbN7u6@8

Sections

CODE
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 9KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fodata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.podata
Size: 512B - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ