6e4a2b71f4e53c4c5c7edff5fe465212 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e4a2b71f4e53c4c5c7edff5fe465212
Size

806KB
MD5

6e4a2b71f4e53c4c5c7edff5fe465212
SHA1

a22b8a0d41691174cec8c9b2509bbf65c70b40d4
SHA256

53ef4b481d80999a96af29b880106cec992fb1c47bcb5338dbcbba194cf81af8
SHA512

b5c7201b4733b7c9ebdbc01dbd7755a8e954a7637623d757c737b85cb58968e08c5b1a5b195251181fee2a23c4cf6300f82e497a073ee08b85ea609457219574
SSDEEP

12288:LnfFMrDl47rzkIdIt52t44fsfvtJDhvXAvPLN3JeQXtxb2kXzI3v/FOW7:L64LH052REfVPvwvPLN3JR9xbVoE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e4a2b71f4e53c4c5c7edff5fe465212

Files

6e4a2b71f4e53c4c5c7edff5fe465212
.exe windows:4 windows x86 arch:x86

776552728622933fe745d03eb169c147

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
VirtualAlloc
ResetEvent
GlobalFree
FindVolumeClose
CreateThread
ResumeThread
InterlockedExchange
FreeConsole
CloseHandle
GetExitCodeProcess
lstrlenA
WriteFile
LocalFree
GetMailslotInfo
GetDriveTypeW
GetPrivateProfileIntW
LocalSize
GetACP
GetModuleHandleW

user32

GetSysColor
GetClientRect
GetCursorInfo
GetClassInfoA
EndDialog
IsWindow
GetKeyboardType
GetSysColor
DrawStateW
DispatchMessageA
SetFocus
CreateWindowExA
CallWindowProcW

qedit

DllUnregisterServer
DllUnregisterServer
DllGetClassObject
DllUnregisterServer
DllUnregisterServer

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 797KB - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ