611f928c244f41e7394ac2485e3f15cb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

611f928c244f41e7394ac2485e3f15cb
Size

177KB
MD5

611f928c244f41e7394ac2485e3f15cb
SHA1

109104b76d2c0032495fea593b0fdae57b0419de
SHA256

e4b8a7f66c95b74bccaad95ebf793a362cc459fa0a23c3aca1e0a0d8409e9f5c
SHA512

ced3fdedd529b1fc4ae466bf77d5fb586ab1b4025853a88833e40ce75572aa4651f0c454389ff7407340df3eb2a4e604ae6f09bd41c15a5228029657b28244eb
SSDEEP

3072:44CvMKcLp3bdPrKRmLE1ZLT57a8uyEBrvRm9+xHoMA0UtLVbDgIV0b35B:44CvMbLpFrX+Zn5zYvBID0oL9Sj3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
611f928c244f41e7394ac2485e3f15cb

Files

611f928c244f41e7394ac2485e3f15cb
.exe windows:4 windows x86 arch:x86

2dbab8115bf28e6867cb66f9c1da7ee5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoGetMalloc
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
StringFromGUID2
CoTaskMemRealloc

kernel32

GetStartupInfoA
EnterCriticalSection
GetCPInfoExW
TlsSetValue
GetFileType
GetEnvironmentStrings
GetCPInfo
InterlockedIncrement
GetThreadLocale
MultiByteToWideChar
GetEnvironmentStringsW
WriteFile
GetVersionExA
QueryPerformanceCounter
RaiseException
GetLocaleInfoA
DeleteCriticalSection
FreeEnvironmentStringsA
UnhandledExceptionFilter
EnumResourceTypesA
InitializeCriticalSection
SetHandleCount
GetStdHandle
lstrlenW
FreeEnvironmentStringsW
LoadLibraryW
GetTickCount
InterlockedExchange
HeapSize
LeaveCriticalSection
GetOEMCP
GetLastError
WideCharToMultiByte
GetACP
TlsGetValue
GetCurrentProcessId

gdi32

GetTextExtentPointA
SelectObject
GetDeviceCaps
DeleteObject
GetTextMetricsA
CreateFontIndirectA

msimg32

AlphaBlend
TransparentBlt

Sections

.text
Size: 105KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ