68ae669b5437b18e2e152c370f25c0cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68ae669b5437b18e2e152c370f25c0cd
Size

24KB
MD5

68ae669b5437b18e2e152c370f25c0cd
SHA1

7ff47f58662234f1141461b34e91b2fd24a0d4cd
SHA256

e7b87c2bf342a93859bf9d9149b091e37ca7e2bfd165bf80117fc8315d8e21cc
SHA512

d792b34bd8d5cfb870605e019d9ed1babf15fb46d000a2d379bfa32952c882ee66a56460000b4c602f8df05a432172671b655f4dc4230895de7a2775b5a37fb8
SSDEEP

96:21HkkuELFG1hjwJb/fgTu3zJhSpnY6juV0c4nzPT39w4tyLuzzzzL3:CLUsngq3lhYYSuVonzPT39ws3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68ae669b5437b18e2e152c370f25c0cd

Files

68ae669b5437b18e2e152c370f25c0cd
.exe windows:4 windows x86 arch:x86

204fae459ee5ae834c7ccdea786f32f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
GetDefaultCommConfigW
GetExitCodeThread
GetThreadLocale
GetThreadPriority
CancelWaitableTimer
TlsFree
GetModuleHandleA
GetLargestConsoleWindowSize
GetUserDefaultLangID
ReleaseMutex
GetThreadTimes
TlsGetValue
SetEvent
CreateMutexA
CreatePipe
AddAtomA
GetConsoleCP
GetOEMCP
IsDBCSLeadByte
CompareStringA

user32

GetWindowTextLengthA
ShowWindow
GetWindowTextA
InvalidateRect
GetSystemMetrics
GetClassInfoExA
ValidateRect
IsWindowVisible
GetActiveWindow
ReleaseDC
CloseWindow
GetForegroundWindow
ReleaseDC
GetDC
RegisterClassA
IsIconic
GetWindow
GetFocus
GetClassNameA

tapi32

MMCSetLineInfo
MMCShutdown
MMCSetPhoneInfo
MMCInitialize
MMCSetServerConfig

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 522B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ