6648d75f78570cca987eb2c0ae674d9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6648d75f78570cca987eb2c0ae674d9c
Size

384KB
MD5

6648d75f78570cca987eb2c0ae674d9c
SHA1

aa2a4c4db8409c6993b79fe399f9a608b0f89bb7
SHA256

41c4a1e99cad8a5832882ac126e4e589c42a24c11ba1126b798cd824a4902983
SHA512

08d86996b7edd78d9efb5eab8a0e2442160e3caaeaef1544ce9de7672acec908b67d321c841ce1ba8001c77558aadac52c1740b36fbbd3b6bbd714c8af093e14
SSDEEP

6144:LOtARv55G5ke9MRs0On1SIFs7Bqwtj9kJ8c0IITjZ0N7/cYL9duz4hwOUu808OhP:lR5GdCs0O1BkBqwtjFc0fTjZOT59ozIP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6648d75f78570cca987eb2c0ae674d9c

Files

6648d75f78570cca987eb2c0ae674d9c
.exe windows:4 windows x86 arch:x86

a9ce987a95b63455176f860198de1576

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLastError
CreateFileA
GetACP
GlobalLock
HeapCreate
IsBadReadPtr
FreeEnvironmentStringsA
LocalFree
LocalUnlock
CloseHandle
CreateEventA
GetConsoleCP
GetFullPathNameA
LoadLibraryExA
IsDebuggerPresent
CreateFileMappingA
GetStdHandle
DisconnectNamedPipe
FindClose

user32

CreateDialogParamA
GetIconInfo
GetMessageA
GetDC
GetDlgItem
DispatchMessageA
IsWindow
PostMessageA
EmptyClipboard
SetFocus
EndDialog
ScrollWindow
DefWindowProcA
DrawIconEx

uxtheme

EnableTheming
GetThemeMetric
DrawThemeIcon
GetThemeColor
CloseThemeData

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ