6b655931242d86792d1b891500dda616 | Triage

Sharing

General

Target

6b655931242d86792d1b891500dda616
Size

492KB
MD5

6b655931242d86792d1b891500dda616
SHA1

9a299f0cabcbb4e38a53d26f47026ba30d3fbe31
SHA256

26a47f76a3c79b0b64863191ec17921b0d4049a89b9bfa35fa5d0db7760de546
SHA512

15e103ee1498aaf5597f24b5b7faf8183e3175c45e444c9c4eb4c370e11dd2d556f768c251c808d9e3df28d54accd52beceb6f3ce0fca16345082d56444a862b
SSDEEP

6144:KgQe175bTMmDm73Sf5wvcYm2sQ2xKYvjdBEHMm7DOe9HRGR4EFktwOmCJEuGG0:KgQ+NHMmb5wh1sQE9jjE6JeEkWG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6b655931242d86792d1b891500dda616

Files

6b655931242d86792d1b891500dda616
.exe windows:4 windows x86 arch:x86

5a2274befbec03820b4d88545fc8ff65

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetFileAttributesA
FindAtomA
GlobalFree
GetPrivateProfileStringW
SetLastError
FindClose
LocalFree
GetCurrentProcessId
GetProcessTimes
GetModuleHandleA
GetPriorityClass
ReadFile
SuspendThread
EnumCalendarInfoW
CreateMailslotA
HeapCreate
GetCurrentThreadId
EnterCriticalSection
HeapDestroy

user32

GetWindowLongA
GetSysColor
GetWindowInfo
CallWindowProcW
DrawTextW
SetFocus
DispatchMessageA
GetClassInfoA
DispatchMessageA
GetKeyboardType
IsWindow
GetKeyState
GetClientRect

devenum

DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject
DllGetClassObject

desk.cpl

DeskSetCurrentScheme

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 482KB - Virtual size: 482KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ