6a64304f5c2c86ff4689c14e69b74462 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6a64304f5c2c86ff4689c14e69b74462
Size

75KB
MD5

6a64304f5c2c86ff4689c14e69b74462
SHA1

3933f54c28a05f5ebf87d9f87dfb85f44edacaf3
SHA256

e6b97d167e6209c078f1bba61868a73d729eeacd849fccd1e64f7335fd72dded
SHA512

c79aeea87686edbf21e2d25cc82c69d69745a8896196189841b85879bdd832fb39e6b5ba5ef77ed69f674b4d25bbd3217a77c505e8086953aee96dc0cb2b82ad
SSDEEP

1536:mk7VJKloelhNBiDkLcbkR0OjJjV1ATg15HYFs7Y9iwdPd:npJKlocXCkskRVlATa5N7YAG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a64304f5c2c86ff4689c14e69b74462

Files

6a64304f5c2c86ff4689c14e69b74462
.exe windows:4 windows x86 arch:x86

cd9efba2b7cf3aa89c43524d3009e943

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileW
ExitProcess
GetCurrentProcessId
GetLogicalDriveStringsW
GetUserDefaultLCID
SetFileAttributesW
VirtualAlloc
GetCommandLineW
GlobalFlags
SetEnvironmentVariableW
FindResourceExA
GetModuleHandleW

gdi32

SetBrushOrgEx
ResizePalette
SetBitmapBits
GetRegionData
SetTextJustification
GetTextMetricsA
CreateSolidBrush
CreateRectRgnIndirect
ArcTo
GetWindowOrgEx
ResetDCA
Ellipse
CreateFontIndirectA

activeds

ord25
ord23
ord20
ord5
ord13
ord3
ord15
ord6
ord26
ord27

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 5KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 79KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 102KB - Virtual size: 143KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.orpc
Size: 102KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ