67b67a6a86b94b7845170701b0aa80e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67b67a6a86b94b7845170701b0aa80e5
Size

385KB
MD5

67b67a6a86b94b7845170701b0aa80e5
SHA1

0bcef7dd0aca624fa5fbea02287e4499c94af684
SHA256

1e9974d155cf2bc22dfe9042068e225229759562eaa945cd92771028f88abc8b
SHA512

e6801acd273f1bb59f673c3797178b2bc42748d021e7efc61e5ad11681d6b15a6e8d3dceec3024906f840554adb5d9d0127081253b38165bb03f733444266a7d
SSDEEP

6144:QfPcpCG0fJMHneMCDB6sEFu6XwydbyY9gHDtWGDSYAnLCI:R4G0fchCd+RXwycY9gkGTALb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67b67a6a86b94b7845170701b0aa80e5

Files

67b67a6a86b94b7845170701b0aa80e5
.exe windows:4 windows x86 arch:x86

d8ae183ea2e013ac03cca6230f154e08

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetDriveTypeW
GetACP
VirtualAlloc
GetExitCodeProcess
lstrlenA
LocalSize
ResumeThread
GetPrivateProfileIntW
GlobalFree
FindVolumeClose
CloseHandle
GetEnvironmentVariableA
LocalFree
GetModuleHandleW
WriteFile
FreeConsole
InterlockedExchange
ResetEvent
GetMailslotInfo
CreateThread

user32

DrawStateW
GetCursorInfo
CreateWindowExA
IsWindow
CallWindowProcW
GetKeyboardType
SetFocus
GetSysColor
GetClassInfoA
GetSysColor
DispatchMessageA
GetClientRect
EndDialog

qedit

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllUnregisterServer
DllUnregisterServer

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 412KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 375KB - Virtual size: 375KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ