6ca8d4b1be633512a31446d33e68b1e7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6ca8d4b1be633512a31446d33e68b1e7
Size

170KB
MD5

6ca8d4b1be633512a31446d33e68b1e7
SHA1

b76dc6aeed2bd9053ccdf9258d9ad209d70939bd
SHA256

5b396b8c91552e7405f9c8340db6d24ad5ae73b94c75683f7e598d58343ca0cc
SHA512

96dc411fafb05f2dab9a19d4ca4d71a2863a3785361ae38fbd2ae373b97868b7b1ac4f8a7b367088dee145052b3e8ff21d9bfb9995f86efc6894796d87b9f45f
SSDEEP

3072:8x06795jYCVmF9yaC83V8iP97aKHjTa/:8x0qYCVmgmJ9mKHjTa/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ca8d4b1be633512a31446d33e68b1e7

Files

6ca8d4b1be633512a31446d33e68b1e7
.exe windows:5 windows x86 arch:x86

d4ea43afd56a5eb8c86bbfe58ed1a55c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess

user32

GetScrollInfo
GetWindowTextA
CopyImage
AlignRects
GetCursor
GetWindowTextLengthA
LoadCursorA
GetScrollPos

advapi32

RegCreateKeyW
RegEnumKeyExA
RegDeleteValueW
RegCreateKeyExW
RegQueryValueA
RegQueryValueW
RegEnumValueA
RegOpenKeyA
RegQueryInfoKeyA
RegOpenKeyExA

Sections

.klmpl
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ijmm
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.alcc
Size: 127KB - Virtual size: 474KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gdpj
Size: 1024B - Virtual size: 602B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hadhd
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE