6647990c9c7d705c6cf6e9c2b53e678a | Triage

Sharing

General

Target

6647990c9c7d705c6cf6e9c2b53e678a
Size

17KB
MD5

6647990c9c7d705c6cf6e9c2b53e678a
SHA1

e016d97f24e398c5c182db80fac1ae38af6452f5
SHA256

e9cd8e1b52146304751e4bc56182933433d4f7694d5420bb90033bc3f227948a
SHA512

79dcf8c7f4d355214c1db344787447ada068385e4194f326c3f8e22ee02ae08784841acdb38b2c9dc54571a2f6b6d3d74803e17072f10b241077bb7d286b0683
SSDEEP

48:6sAiCtOiIyXNRWpSeAF7XCkKH73eO92dzQlCE1S43lmMOOFBv7v:vw9U94Cfbt9we50MOgdD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6647990c9c7d705c6cf6e9c2b53e678a

Files

6647990c9c7d705c6cf6e9c2b53e678a
.exe windows:4 windows x86 arch:x86

6e34b5f8b2e6f26fd0ba4cd3a7115dc4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDCEx

kernel32

CreateThread
ExitProcess
GetAtomNameW
GetLastError
Sleep
WaitForSingleObject

gdi32

EnumFontsW

Sections

.text
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 320B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ