6b3739141ea59c8bd03c25025bc247f6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6b3739141ea59c8bd03c25025bc247f6
Size

222KB
MD5

6b3739141ea59c8bd03c25025bc247f6
SHA1

a95e146680a6c1f859e7933a416c09dcd353609a
SHA256

e2debb1f099ebddeedbdc4f5e59708e353deff336bd82e67402b2c1faa2810c2
SHA512

485274f4eefaa312113de2af791a5e05e6d5a6afa5a4405e8ac49e4d2671dd565e2189387777324936c9e2e90e8698c365ea6216f5f7708a7e7b9dfa76a745df
SSDEEP

6144:74eWqfLLxdoqhqt1+eV2BVDERNSzkmwIlk:7XJfpdoyqAhuN6lJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b3739141ea59c8bd03c25025bc247f6

Files

6b3739141ea59c8bd03c25025bc247f6
.exe windows:4 windows x86 arch:x86

5ad3093966e5263b0982117fa9b35a15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

timeGetTime
timeSetEvent

ole32

OleTranslateAccelerator
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc

oleacc

CreateStdAccessibleObject

kernel32

QueryMemoryResourceNotification
InterlockedIncrement
lstrcmpiA
lstrlenA
SizeofResource
GetCurrentThreadId
LoadLibraryA
FindResourceA
GetModuleFileNameA
FormatMessageA
GetModuleHandleA
InterlockedDecrement
TerminateThread
WaitForSingleObject
CloseHandle
lstrcatA
IsDBCSLeadByte
lstrlenW
SetEvent
GetFileAttributesA
EnumResourceTypesW
InitializeCriticalSection
EnterCriticalSection
HeapAlloc
lstrcpyA
CompareStringW
LocalFree
GetCurrentThread
GetCurrentProcess
CreateEventA
GetVersion
GetPrivateProfileSectionNamesW
OpenProcess
CompareStringA
LoadResource
CreateThread
LeaveCriticalSection
GetComputerNameA
DeleteCriticalSection
lstrcpynA
RaiseException

Sections

.text
Size: 136KB - Virtual size: 135KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ