60a3ee5f5af7760822c375f524f065ec | Triage

Sharing

Copy URL Twitter E-mail

General

Target

60a3ee5f5af7760822c375f524f065ec
Size

131KB
MD5

60a3ee5f5af7760822c375f524f065ec
SHA1

467ec0166f95dd04bfef29513cf0049904e2c23a
SHA256

942b021cb16858592ae2cca953593424afc4ad3fd9e0cc547231b0f0f32fed0b
SHA512

659d108b9d17770361d3161d55e8c87745f8eeeec2c1eee2445349ae2a7c08298fcda551bec2e309efc21a283b6999ba56d70086f6932a11ee1d7a911946b2d2
SSDEEP

3072:D3RngyUn6CvWE3NB81XLR5gxnEKF0ysTJFyx1/yFNaD:dngyU3v73NB85lgVVsVFyqFM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
60a3ee5f5af7760822c375f524f065ec

Files

60a3ee5f5af7760822c375f524f065ec
.exe windows:4 windows x86 arch:x86

6dba52fe1093ad906c40dd2803f083b0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
ExitProcess
FindClose
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
HeapFree
IsDebuggerPresent
LoadLibraryA
LoadLibraryW
LocalFileTimeToFileTime
MulDiv
QueryPerformanceCounter
SizeofResource
VirtualAlloc
VirtualFree
lstrcpyA

user32

BeginPaint
CreateWindowExA
GetForegroundWindow
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowPlacement
InvalidateRect
IsWindow
SetFocus
ShowWindow

gdi32

CreateDIBSection
CreatePalette
CreatePen
Escape
ExtTextOutA
GetBitmapBits
GetEnhMetaFileHeader
GetSystemPaletteEntries
IntersectClipRect
MaskBlt

shell32

DragAcceptFiles
SHGetMalloc
SHGetSpecialFolderPathW
ShellExecuteA
ShellExecuteExW

Sections

.text
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ