660326380601aadcee629d18d39ba854 | Triage

Sharing

General

Target

660326380601aadcee629d18d39ba854
Size

129KB
MD5

660326380601aadcee629d18d39ba854
SHA1

8b1c09b71fd7ffee4683a97c1de7b1d2f893cd19
SHA256

9f8c7c8864522aa2c833996a4b910881d253256083e28e0b7470ad9735d2fa45
SHA512

1a25117755a37d7495e14d171bcd0c8f43d5a9b57936a17f360de65744f216d55ee12368db69bf0044aa66a2a998803a22188c3cabb1aeb0f6d1a2c314a940d5
SSDEEP

3072:xK5qHH07O7nNQsOyoxW4vP6WAtUoBZXVy4ysGSmN48:/U767oxW4n6WAxU5sG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
660326380601aadcee629d18d39ba854

Files

660326380601aadcee629d18d39ba854
.exe windows:4 windows x86 arch:x86

a157285af67eb704e354cf62b0a156c1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetModuleHandleA
GetDateFormatA
GetEnvironmentStrings
GetFileAttributesA
VirtualAllocEx
GetDiskFreeSpaceA
LoadLibraryA
GlobalAlloc
IsBadHugeReadPtr
ExitProcess
ExitThread

shlwapi

PathIsDirectoryA
SHSetValueA
SHDeleteKeyA
SHDeleteValueA

gdi32

SelectObject
GetBkColor
SetPixel
SelectPalette
GetBkMode

user32

IsCharLowerA
IsCharUpperA
GetSystemMetrics
MsgWaitForMultipleObjects
CreateWindowExA
MoveWindow
GetWindowTextLengthA
GetMenu
DrawAnimatedRects

version

VerQueryValueA
VerInstallFileA

Exports

Exports

_WLIRoo25zKwE2
JwDr6f1SRE@20

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ