6f33a59ec1a55cbbab76fa715b15e4a1 | Triage

Sharing

General

Target

6f33a59ec1a55cbbab76fa715b15e4a1
Size

784KB
MD5

6f33a59ec1a55cbbab76fa715b15e4a1
SHA1

2501075d4231dae639ad4dd104d7fa4233275e06
SHA256

5ac527544fb1c8284eeda71903e166579c76ac09d67766fb93ebad7aa7c96846
SHA512

8d075240655773200aeb8f4e7222fa66b3abe2d1011d8be1b210d8cf53198b64a3971d05f10d0ce013a3292f4515fbb05251e75073d84294ed99a2410a1b169e
SSDEEP

24576:cA7RMJ6Lb4h+6MoF9bVN4B/C4gdcYUf6qGlMlWWdRNg0q3:cA7RMofn6MC9j4huv46qGlMlWWGl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f33a59ec1a55cbbab76fa715b15e4a1

Files

6f33a59ec1a55cbbab76fa715b15e4a1
.exe windows:4 windows x86 arch:x86

45f60912b65b2624f5286a7d18af54c3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileTime
LoadLibraryW
ReleaseMutex
ReleaseMutex
HeapCreate
FindClose
CreateEventW
LocalFree
IsBadStringPtrW
GetEnvironmentVariableW
GetDriveTypeA
GlobalFlags
GetCurrentThreadId
WriteFile
GetPrivateProfileStringA
CloseHandle
InitializeCriticalSection
lstrlenW
GetCurrentProcessId
TlsGetValue

user32

GetSysColor
GetClassInfoA
CreateWindowExA
GetKeyboardType
DrawTextA
DrawStateW
DispatchMessageA
GetSysColor
CallWindowProcW
IsWindow
SetFocus
EndDialog
GetClientRect

pnrpnsp

NSPStartup
NSPStartup
NSPStartup
NSPStartup
NSPStartup

advapi32

InitializeSid

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 774KB - Virtual size: 773KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ