6f44fc1a0e40e13175d5c02acd2349f3 | Triage

Sharing

General

Target

6f44fc1a0e40e13175d5c02acd2349f3
Size

69KB
MD5

6f44fc1a0e40e13175d5c02acd2349f3
SHA1

85885f39d431af23c99b220b312778818a0f6728
SHA256

cab1bfd73bc0aadd54ce94ae307498b618a83342904cc2043783a54ebc4b2e9d
SHA512

2434c858b3e483531584b61cd6db43a9c68dd578bfec775b9373602d5b44b63d202fe68d30c737a3a73df52412156922d6a494cb0bddd8b878c71964b2c35420
SSDEEP

768:bUD8sSrnH9eUw4LuSUbeeF1DY8l4Ugb/Uax2iloR14sm2lbL7+Ze/zJum3RqGRg:bUD8XHbwrkeZl+QiMm2lPigrJhRqGe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f44fc1a0e40e13175d5c02acd2349f3

Files

6f44fc1a0e40e13175d5c02acd2349f3
.exe windows:1 windows x86 arch:x86

0d9e7f9f51bf0e3fc32f01939b200050

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExpandEnvironmentStringsA
FileTimeToDosDateTime
FindResourceA
GetCommandLineA
GetFileInformationByHandle
GetFileSize
GetModuleHandleA
CloseHandle
LoadResource
LockResource
RtlUnwind
CreateFileA
SizeofResource
WinExec
WriteFile
lstrcatA
lstrcpyA

user32

MessageBoxA
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA
RegisterClassA
PostQuitMessage
CreateWindowExA
DefWindowProcA

crtdll

_iob
_itoa
__GetMainArgs
_strnicmp
exit
fputc
localeconv
memcpy
memmove
memset
pow
raise
signal
strcat
strchr
strncmp
strtol
wcslen
wctomb

Sections

.text
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 584B

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 88B - Virtual size: 88B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE