63a1ac00734811f60f56a210650fd50a | Triage

Sharing

General

Target

63a1ac00734811f60f56a210650fd50a
Size

175KB
MD5

63a1ac00734811f60f56a210650fd50a
SHA1

1b1165f3e9c222e13e56a7ef972d53e8ffab35d2
SHA256

e304524ea2b493a6fff4dd4b2c94a870f7b0ed612d246924b45a2b0a9f2b30fa
SHA512

3c385367d8f7cef47538e481947c36b089c97db80f7f78c2b5b4cf81e4791b52977868f1ee17959aa557d1ddf34f077a1743336ef5fe1b64624077d116ddceba
SSDEEP

3072:0CiZ4uJ+Rm+FkWoFllg/5ZBkDz1nOguz4tcjXuVyXt2V+I:l7VPFiK/5vk/1Ob80Xt2V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63a1ac00734811f60f56a210650fd50a

Files

63a1ac00734811f60f56a210650fd50a
.exe windows:4 windows x86 arch:x86

e8dd2e7ea5f2a8c847b29804db08e8d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

LoadResource
FileTimeToSystemTime
ConvertFiberToThread
GetCurrentProcess
LocalAlloc
FindFirstFileW
SetThreadIdealProcessor
LocalFileTimeToFileTime
IsBadReadPtr
FreeLibrary
SystemTimeToFileTime
FileTimeToLocalFileTime
SetEnvironmentVariableW
LocalFree
CompareStringA
FindClose
EnumResourceNamesW
RegisterWaitForSingleObject
GetSystemDirectoryW
GetStringTypeW
SetCurrentDirectoryW
GetShortPathNameW
FindNextFileW
FindResourceW
GetOEMCP
GetLocalTime
SetErrorMode
LCMapStringW
SearchPathW

user32

IsWindowEnabled
ReleaseCapture
ValidateRgn
IsWindow
DestroyWindow
InvalidateRgn
FlashWindow
ExcludeUpdateRgn
ValidateRect
SetCapture
EnableWindow
UpdateWindow
RealGetWindowClassA
GetCapture
GetUpdateRgn

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ