61769dce32cc146b748011a508c0a562 | Triage

Sharing

General

Target

61769dce32cc146b748011a508c0a562
Size

21KB
MD5

61769dce32cc146b748011a508c0a562
SHA1

03f244154c98cb169bc54c75f4d64586b1b0839d
SHA256

56c9136b8f3d6f11f72205d2018460fbcf5b40b5b7938d873f1f909e7e5452e2
SHA512

b981477937557da0d8ada5e9914d7530d20884e67d8120c980acce6306b989490906a8e97559a7d7927e06b50189320ffa7f444801d7db3457220c0d8a405272
SSDEEP

384:Gz/h4wX8lyQg5zAHi/r+mC6VNwUK32n0hZwksC:Gz5X8ZwAHi/SmHVNwSSwksC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
61769dce32cc146b748011a508c0a562

Files

61769dce32cc146b748011a508c0a562
.exe windows:5 windows x86 arch:x86

5c0376367f77415b675e9eec34d01958

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapFree
GetCommandLineA
FatalExit
GetModuleHandleA
SetVolumeLabelA
GetCurrentThreadId
RemoveDirectoryA
IsBadWritePtr
AddAtomA
HeapCreate
GetDriveTypeW
SetEndOfFile
WaitForMultipleObjects
ClearCommBreak
CreateDirectoryA
DeleteAtom
CloseHandle
WriteFile
GetModuleFileNameA
GetFileType
CreateSemaphoreA
RemoveDirectoryA
FindClose
CreatePipe
FindAtomA

cryptui

CryptUIDlgViewContext
CryptUIWizBuildCTL
LocalEnrollNoDS
CryptUIDlgFreeCAContext
CryptUIWizExport
CryptUIWizImport
CryptUIWizDigitalSign
DllRegisterServer
WizardFree
LocalEnroll
WizardFree
CryptUIStartCertMgr
DllUnregisterServer

mgmtapi

SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE