616c7ce9a9045ce5674317ab7ee1d21d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

616c7ce9a9045ce5674317ab7ee1d21d
Size

178KB
MD5

616c7ce9a9045ce5674317ab7ee1d21d
SHA1

49463fa7244e2a2c3c8ee5bef1cb46721ec54093
SHA256

4e8683a423774f1c8989b8cc4118e56a2f77706e5001954c0a07ba908d6aa3ac
SHA512

cc08d328a3838289d8820166e856322f2cd3d162e3ec63ef17c97d5f44346fd313aeea13e276cdd3e4c1318eeff295a2b8310e31807e01201da87c1c3947504f
SSDEEP

3072:l/li4Oa8iNyOi2f/vQinZFdll0xgWWbF7wBc+5CImuWXSJGlC24k2Z/hOGXx:hlZf8iNeIvQi5UOFsq82XQOGh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
616c7ce9a9045ce5674317ab7ee1d21d

Files

616c7ce9a9045ce5674317ab7ee1d21d
.exe windows:4 windows x86 arch:x86

225e5d973033734c22c0b9a87886dbfe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameW
SetFilePointer
WriteFile
IsDBCSLeadByte
QueryPerformanceCounter
FindNextFileA
GetCurrentThreadId
GetModuleHandleA
ReadFile
FindFirstFileA
EnumResourceTypesA
GetSystemDirectoryW
WideCharToMultiByte
EnumResourceLanguagesW
lstrlenA
GetCurrentProcessId
GlobalHandle
FindClose

oleacc

LresultFromObject
CreateStdAccessibleProxyA

newdev

UpdateDriverForPlugAndPlayDevicesA

Sections

.text
Size: 77KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ