6d32e638b9be66880c26e855d3d9af4e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6d32e638b9be66880c26e855d3d9af4e
Size

46KB
MD5

6d32e638b9be66880c26e855d3d9af4e
SHA1

36d862ab8c859c957d9ab950404ab6af34d215db
SHA256

3fe8de509b92728aaeeb72f7639da956452618a6be1fbb28f91640b40487bcc3
SHA512

fbd0c4cbcf11e90376c54f5fa5112f1bf199fbb6514a28abd6e3f29ba2aa17468dd5d1a6be6efee3f6e7ad62560e5eda9581947887b459b6021b3b3e86f1181d
SSDEEP

96:7MfLX+S6mO7Wmpf9FYSratRUqZfZg8iFteXjUTyin2n0PIq:YjX+tmofbFY6a3ZiNrVns0PB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6d32e638b9be66880c26e855d3d9af4e

Files

6d32e638b9be66880c26e855d3d9af4e
.exe windows:4 windows x86 arch:x86

4839f5c4e6b9593604a736cca21543db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW
CreateRemoteThread
ExitProcess
FlushInstructionCache
GetBinaryTypeW
GetCommandLineW
GetCurrentDirectoryW
GetEnvironmentVariableW
GetFileSize
GetFullPathNameW
GetLastError
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStartupInfoW
GetSystemDirectoryW
GetThreadContext
GetWindowsDirectoryW
HeapAlloc
HeapCreate
CreateMutexA
LocalFree
MapViewOfFile
ReadFile
ReadProcessMemory
ResumeThread
RtlMoveMemory
SetFilePointer
Sleep
SuspendThread
UnmapViewOfFile
VirtualAllocEx
VirtualProtect
WaitForMultipleObjects
WideCharToMultiByte
WriteProcessMemory
lstrcatW
lstrcpyW
lstrcpynW
lstrlenW
CreateFileW
CreateFileMappingA
CreateFileA
CreateEventA
LoadLibraryW
CloseHandle

advapi32

RegQueryValueExW
RegOpenKeyExW
RegCloseKey

shell32

SHGetPathFromIDListW
CommandLineToArgvW
SHBrowseForFolderW

user32

MessageBoxA

comdlg32

GetOpenFileNameW

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE