6db44693f1a0f3d8b55b2a3ee9205f8d | Triage

Sharing

General

Target

6db44693f1a0f3d8b55b2a3ee9205f8d
Size

16KB
MD5

6db44693f1a0f3d8b55b2a3ee9205f8d
SHA1

a8c5173cec088b9085c759b8e67863825fcdf8ce
SHA256

e7d82537e4dd0ae3e6919902063483e419daefb6dadddfe6eaaf0e9e8f14c652
SHA512

61bfd15fee9ebb78c93af18fbb26799970bb9f9d7c350c617ae9b1a7d5829bc5e75e42444197f86f2b17f29ebb60a83c1a970f939130b5f16d3aa601b173293e
SSDEEP

384:Q3XgT0VvBvWqWeEglRf5VVdfnLR8mzFm6:QXV95g+fDZLRfFl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6db44693f1a0f3d8b55b2a3ee9205f8d

Files

6db44693f1a0f3d8b55b2a3ee9205f8d
.exe windows:4 windows x86 arch:x86

30f6bb9235f6c828af4e8934d8af9ad8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetUserDefaultLangID
VirtualProtect
InterlockedExchange
ResumeThread
HeapReAlloc
GetConsoleDisplayMode
GlobalUnlock
WaitForMultipleObjects
GetConsoleCP
GetTickCount
HeapCreate
SetLastError
LoadLibraryExA
CompareFileTime
GetCommandLineA
lstrlenA
GlobalSize
GetVersion
WaitForSingleObject
GetAtomNameA

user32

FrameRect
GetWindow
SetForegroundWindow
GetCursorPos
ReleaseDC
BeginPaint
DrawTextA
DragDetect
GetParent
GetDC
FillRect
GetClassNameA
AnyPopup
GetFocus
EndPaint
wsprintfA
GetTitleBarInfo
CreateIcon
ShowWindow

rastapi

AddPorts
DeviceConnect
DeviceDone
PortClose
DeviceListen

quartz

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ