69fb513daa7d3cd0e221d16c95908ecf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69fb513daa7d3cd0e221d16c95908ecf
Size

6KB
MD5

69fb513daa7d3cd0e221d16c95908ecf
SHA1

96830b19ad69517c2d0a126b6d89874eb8ae6991
SHA256

fd8d41a277fd506b75bf76d048cb7d5910bcf94d55c7c55b341482fee7ae00d9
SHA512

ac630bdbfc050b04904638307382fc0944bab54fbef1ab36d1a87cf6ae7769fb16a4494e59ba48f3d22d9fa484c38b0299dcbe04b33f31ea399ad8c5f44341bd
SSDEEP

96:6PZdTNBrXsqRlj+chVabNTJ5oEOZqLmtiz8yF734:6xxrJR8cnabtyZqS88yF734

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69fb513daa7d3cd0e221d16c95908ecf

Files

69fb513daa7d3cd0e221d16c95908ecf
.exe windows:4 windows x86 arch:x86

4fa25f1c2cb437208280eb44f5ca4c6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeConsole
DeleteCriticalSection
EnumResourceTypesA
Sleep
VirtualProtect
GetTickCount
GetCommandLineA
GetDiskFreeSpaceExW
ReleaseMutex
GetModuleHandleA
GetExitCodeProcess
GetDriveTypeA
LoadLibraryExW
GetComputerNameA
FindClose
SetLastError
TlsGetValue
CreateMutexA
CloseHandle
GetLastError

shell32

DuplicateIcon
ShellMessageBoxA
DragFinish
DragAcceptFiles
SHFree
SHGetSettings
ExtractIconA
SHGetMalloc
SHGetDiskFreeSpaceA
DragQueryFileA
StrChrA
DllUnregisterServer
ShellAboutA

printui

vQueueCreate
vPrinterPropPages
bPrinterSetup
bFolderGetPrinter
PnPInterface

user32

MessageBoxA

Sections

.text
Size: 1024B - Virtual size: 620B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ