65d0ce29955a007145e52d808115d07b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d0ce29955a007145e52d808115d07b
Size

76KB
MD5

65d0ce29955a007145e52d808115d07b
SHA1

3fbf8cc4f1a787c35d3f22c6d8ec7aee78901fbc
SHA256

67686aec7bbfcaa9598d658e0a7dd8016d6956ce0713b7da3b2012261a1720f8
SHA512

5289c69f29ca03207540e7dbd18418946196d9d14e8347e0b3189e297404343d574bbac1ea5e61ac4f2baca43bd98998884378343bd9e5bfd7b18f5742f91160
SSDEEP

1536:EzID2O6AWxIt6tbMe4h1gPT8jc+P6vzYufxGahfO5ffZLkIN6qh2:EzIadlCnnurvzHhhfYfRLk62

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d0ce29955a007145e52d808115d07b

Files

65d0ce29955a007145e52d808115d07b
.exe windows:4 windows x86 arch:x86

fdc4d80357a3ddc0799a98a24c3703bc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
TrackPopupMenu
IsWindowUnicode
UnhookWindowsHookEx
SystemParametersInfoA
TranslateMDISysAccel
GetMenu
ShowWindow

kernel32

VirtualAlloc
LoadLibraryA
GlobalAddAtomA
GetVersionExA
GetVersion
ExitProcess

Exports

Exports

EOgSi_SZHJmMFj
pDeWobm9U
_bKp76_nC@24
0kAjZiRh2I

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 53KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ