6b08dd5db8eda72ff076b22c4e8a113b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b08dd5db8eda72ff076b22c4e8a113b
Size

191KB
MD5

6b08dd5db8eda72ff076b22c4e8a113b
SHA1

613a55b043d43dd53f4b04354033d7bcbc83eca7
SHA256

29c840f293ea8c5cc46205da9f1f581354df0756ac3a08ef40bd73f228e8a281
SHA512

6c9a02b271df14f8d347c64af702906da5ce62013133032af8d9036136056654aef57a26fe1fefb18d8997176c2f0281af78deee09601726f4a488994f6eac12
SSDEEP

3072:QnXWMkgUuHGdVP9AvTXdzLKzZDGR5AufhiEqveCTP9rlbqvY1YMic0A4jiuWfPXr:QegUzVP6rNX+ZAQEqjbEY2L/iSin

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b08dd5db8eda72ff076b22c4e8a113b

Files

6b08dd5db8eda72ff076b22c4e8a113b
.exe windows:4 windows x86 arch:x86

f78f676e73ea09c81a473e5f935dbc9a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FormatMessageA
IsDebuggerPresent
DeleteAtom
GetCurrentThread
GetModuleHandleA
GetCurrentProcessId
HeapDestroy
WriteConsoleA
GetACP
GetExpandedNameA
LoadLibraryA
OpenSemaphoreA
GetEnvironmentStringsA
VirtualProtect
GetStdHandle
FlushFileBuffers
GetThreadPriority
InterlockedExchange
GetTimeFormatA
GetCurrentProcess
HeapCreate

user32

EndPaint
IsIconic
GetWindow
GetClassNameA
SetActiveWindow
ValidateRgn
ShowWindow
ReleaseDC
GetParent
DrawTextA
FrameRect
GetCursorPos
wsprintfA
BeginPaint
GetWindowTextLengthA
GetFocus
GetDlgItem
SetForegroundWindow
FillRect

advapi32

RegQueryInfoKeyA
RegFlushKey
RegCloseKey
RegCreateKeyA
RegEnumKeyA

uxtheme

GetThemeSysFont

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 708KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ