6c5e82f2a643750b9d878db947ef3574 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c5e82f2a643750b9d878db947ef3574
Size

18KB
MD5

6c5e82f2a643750b9d878db947ef3574
SHA1

7eba9fd3ec0b63091f581314ddeb8fbe2ec9745e
SHA256

0d7bea540ee1ac489a05e8f042a3096dfc9a126e659f245bcf2ba933a1b31252
SHA512

c457c92dbc3f295ccca7fbe507442f3a85242dad866b0667fb6120170c815f66f11a24393b5f83c2613d3c5e585e6488d51c776b644d9622a3c6e1f057c6a7f4
SSDEEP

192:6MlYA/NjX2JJlkZTfcVeWEYnWZ8E7s1unv:gFfkegl+Unv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c5e82f2a643750b9d878db947ef3574

Files

6c5e82f2a643750b9d878db947ef3574
.exe windows:4 windows x86 arch:x86

8689e75020efd6bbe2336509e43f29d2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
lstrlenA
GetSystemDefaultLangID
HeapReAlloc
GetStdHandle
SuspendThread
GlobalUnlock
HeapCreate
WaitForSingleObject
WaitForMultipleObjects
LoadLibraryExA
AddAtomA
CloseHandle
CompareFileTime
GetVersion
GetModuleHandleA
GetCommandLineA
GetConsoleCP
InterlockedExchange
GetProfileIntA
VirtualProtect

user32

GetDlgItem
CreateIcon
CreateMenu
CreateCaret
CopyRect
DragObject
MessageBoxA
CopyImage
SetPropA
InvertRect
GetKeyboardLayout
SetWindowPos
IsDialogMessage
EqualRect
GetCursorInfo
SetScrollInfo
DialogBoxParamA
DestroyMenu
GetKeyState
DrawCaption
DispatchMessageA
InsertMenuA
EnableScrollBar
CreateCursor
FindWindowA

winmm

OpenDriver
CloseDriver
PlaySoundA
auxGetVolume
aux32Message

wldap32

ldap_add

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ