67a47a00e0217b23421354a859d6fafd | Triage

Sharing

General

Target

67a47a00e0217b23421354a859d6fafd
Size

425KB
MD5

67a47a00e0217b23421354a859d6fafd
SHA1

78420fea6eae62a44e599a77e4dce53ed814f0da
SHA256

6d05012af704ff045364a73cff0ba6b3052a1a99a597117d0f23f1bd068d59ab
SHA512

7b631fdc3fad3d07330ccedb52f64b521eb42ac85b09e3346c216bf965f92a8bcfb528cee0bed45711927941639246f43ed091bde26d5b7a87369e5a64e0228f
SSDEEP

6144:9c9cTrY1BWNEe2mcnkLbm3Yw9v4J5LJeJ/HGl5+2Fk382Ac:9c9cY1s6tmckLbBwd4gxGC2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67a47a00e0217b23421354a859d6fafd

Files

67a47a00e0217b23421354a859d6fafd
.exe windows:4 windows x86 arch:x86

8f53b471b76af7215cca3efea9b6fa65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
GetDriveTypeW
GetModuleFileNameA
GlobalFree
ResetEvent
GetPrivateProfileStringW
GetProcessTimes
FindAtomA
ReadFile
GetModuleHandleA
CreateMailslotA
GetCurrentThreadId
SetLastError
LocalFree
EnumCalendarInfoW
FindClose
EnterCriticalSection
SuspendThread
GetFileAttributesA
HeapCreate

user32

DrawTextW
GetWindowInfo
IsWindow
CallWindowProcW
GetKeyboardType
GetClientRect
DispatchMessageA
SetFocus
GetClassInfoA
GetSysColor
GetWindowLongA
DispatchMessageA
GetKeyState

cliconfg

OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain
OnInitDialogMain

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 415KB - Virtual size: 414KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ