64202b423e0cb709fc8bc291bc81b790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

64202b423e0cb709fc8bc291bc81b790
Size

305KB
MD5

64202b423e0cb709fc8bc291bc81b790
SHA1

8f36b80828e28260bba0bd374ab6f258b0217d8d
SHA256

21ff5aeeff13d659e3d1f8a36474bc897925c6f4d1030f58412920457ba324e3
SHA512

26459dc31d7cf5ffcea67231eee6262a90f8aa58e7c320b51673f824446ded8c8b64432f90cf993b773226f5a01dfe8bcda40118bdce5a70ab4d7812a9a7fd9a
SSDEEP

6144:zdxPC07ZUEb4hRkJ6CduT3Bf2Hb8ljWl1O:zdxq07+Eb4hO6CdYRfUO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
64202b423e0cb709fc8bc291bc81b790

Files

64202b423e0cb709fc8bc291bc81b790
.exe windows:4 windows x86 arch:x86

ebc1bebbdcbcf643e60aca363f534dd7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
LocalFree
ResumeThread
lstrlenW
HeapCreate
FindClose
GetModuleHandleA
GetPrivateProfileStringW
GetCurrentThreadId
FindAtomW
GetNumberFormatW
SetLastError
ReadFile
TlsGetValue
CreateEventW
EnterCriticalSection
GetConsoleAliasW
EnumCalendarInfoW
GetDriveTypeW
SetEvent

user32

IsWindow
GetCursorInfo
DispatchMessageA
GetClientRect
SetFocus
CallWindowProcW
GetKeyboardType
DispatchMessageA
GetSysColor
DrawTextA
GetKeyState
GetMenuInfo
GetClassInfoA

wsnmp32

SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout
SnmpGetTimeout

msasn1

ASN1BERDecBool

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 416KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 295KB - Virtual size: 294KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ