6be459e84cb7de209548136d7f9e8bbb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6be459e84cb7de209548136d7f9e8bbb
Size

337KB
MD5

6be459e84cb7de209548136d7f9e8bbb
SHA1

a53b2e388bf10f7fc9d5793cb87ba99cae9d6f86
SHA256

c1b90e6b265166d565f3ff7738ee63143bc1e2015ec67002aee03d43ff647c62
SHA512

cde75263edf61150c8794c1383557c016187e267e1c9bac279c658837125a2f684ac7fd803f80ba0873674892cec20657ae0166e28b8a795acfd0b4639bd8d06
SSDEEP

6144:utrh2F5PlPG2R7YjxgB5YvPM2TcNbS0P1D8umNOws+77AwRm+4KSjz9cIvGQc1u:0hwPtR7q9oNblP1D8r8ws+754b9RcU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6be459e84cb7de209548136d7f9e8bbb

Files

6be459e84cb7de209548136d7f9e8bbb
.exe windows:4 windows x86 arch:x86

f78e18a93099fe64826c56d5f5e9ac36

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
ExitProcess
ExitThread
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetLocaleInfoA
GetLocaleInfoW
GetModuleHandleA
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
GlobalAddAtomA
LoadLibraryA
OpenEventA
QueryPerformanceCounter
SetEnvironmentVariableA
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WriteFile
lstrcmpiA

msvcrt

wcscmp
strstr

user32

FindWindowExA
EndDeferWindowPos
IntersectRect
LoadCursorA
SetWindowTextA
EnableWindow
DrawMenuBar
DestroyIcon
CreateMenu
GetDesktopWindow

comctl32

CreateStatusWindowA
GetEffectiveClientRect
ShowHideMenuCtl
InitCommonControls

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 116KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 76KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ