601220719d6d5086414f59867c7d4f1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

601220719d6d5086414f59867c7d4f1a
Size

1.0MB
MD5

601220719d6d5086414f59867c7d4f1a
SHA1

50c6b4e86ee688aa3c87fc6d485e909e65f35691
SHA256

75ee473951e58ed009f64fcfe9009495ca1f65e34b17689c9203feb53337c34b
SHA512

e711310f5b1327d00458d04c361c711494b138031b2ffaab9310dba252d3ad032a5b089b3cb29cf0a89fd3066e7dfcb82c753361de53c43e13f31bf38e38a4e1
SSDEEP

12288:JTDKCOpxfb66UG/xmvtkJLFjx5hvd8UyC8qqKT/WYpvU2GzRS/x3m9Cy4G6EIbC5:dN2x2uJ2CJLxdVWqqKqJix3ZyMlCKm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
601220719d6d5086414f59867c7d4f1a

Files

601220719d6d5086414f59867c7d4f1a
.exe windows:4 windows x86 arch:x86

74ccbfde4056b8fa03a24b8d23f26f11

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
GetVersion
GetVersionExA

msvcrt

__getmainargs
rand
wcschr
__setusermatherr
exit
__CxxFrameHandler
_adjust_fdiv
__p__commode
wcslen
_controlfp
wcstoul
toupper
_acmdln
_XcptFilter
__p__fmode
_c_exit
memmove
_except_handler3

user32

GetWindowRect
GetSysColor
EndDialog
PostQuitMessage
BeginPaint
DestroyWindow
SetFocus
DialogBoxParamA
TranslateMessage
ShowWindow
GetMessageA
EndPaint
GetClientRect
LoadIconA
CreateWindowExA
ScreenToClient
DefWindowProcA
SetWindowTextA

gdi32

GetTextExtentPoint32A
GetBkColor
GetStockObject
LineTo
CreateCompatibleDC
PatBlt
SetROP2
CreateFontIndirectA
SelectObject
MoveToEx
ExtTextOutA
SetBkMode
GetTextMetricsA
DeleteObject
SetPixel
CreateSolidBrush
GetPixel
BitBlt
GetTextColor
GetObjectA

Sections

.text
Size: 1024B - Virtual size: 959B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ