Static task: static1
Behavioral task: behavioral1
Sample: 67df2dc90d294012434ada95710d1aa1.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 67df2dc90d294012434ada95710d1aa1.exe
Resource: win10v2004-20231215-en
General
Target: 67df2dc90d294012434ada95710d1aa1
Size: 253KB
MD5: 67df2dc90d294012434ada95710d1aa1
SHA1: 67ce62e589f6e803e37a6a5a776189aa30ab646b
SHA256: 5ca1e043bb4ccd08dd74b57048ecbcdfbd068642e0df011d1065a763ca999187
SHA512: a41b4f93cd91cb4848a8eb1ff70f2f1174954f1746503622fc6c86b19f68c94260e659d4f9b8de6d75acb67cbf1dc7b2aaac66655f3935edc68383a1709e429e
SSDEEP: 3072:k99btgjwMo+cmVYXEnIklYNzE3ksymvpNAKgNBkxOqNCMYP0lJxkA/KEWfnnc5G8:k9dOjwK2XcgpdmvPukxOTTA/KjnnP5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 67df2dc90d294012434ada95710d1aa1
Files
67df2dc90d294012434ada95710d1aa1.exe windows:4 windows x86 arch:x86
f4470024c0d03c5672d9b3b0e5c99bd5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WaitForSingleObject
GetProcAddress
LoadLibraryA
TlsAlloc
FlushFileBuffers
GetCurrentThreadId
LoadLibraryW
GetCPInfo
HeapFree
GetStringTypeW
InitializeCriticalSectionAndSpinCount
Sleep
WriteFile
GetACP
GetModuleFileNameA
SetLastError
HeapCreate
GetTickCount
TerminateProcess
InterlockedDecrement
QueryPerformanceCounter
lstrlenA
user32
DestroyWindow
ws2_32
recv
send
WSAStartup
shutdown
connect
ioctlsocket
closesocket
msvcrt
fflush
memcpy
atoi
Sections
.text Size: 15KB - Virtual size: 15KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 217KB - Virtual size: 617KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ