fe6296e248536ba0cff3cae3c66396c1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe6296e248536ba0cff3cae3c66396c1
Size

370KB
MD5

fe6296e248536ba0cff3cae3c66396c1
SHA1

8e30dc3988e381c7d12c058a348be8e86845eba5
SHA256

e1eaa9c3b511d9661eb573d53a7834db07a7cc8e46a7f6c9511cc68927e7be74
SHA512

3fb4c8e1c6a029d0a34c64df1d1a5bd1785c4655b48575a4cebf1c8595f7f50c79a79686d9efec9d135187bb8d4c9b79a23474e403d7515e4522fed685691884
SSDEEP

6144:+3dx2KfTQUvsevPxXJ2ggbvnjz4KxlDfX9flebmE9uDMnyQY7wNOqRdusIQRlTFL:+N9QUvHvPx5grnjz4ClDfXNdEMkyQY7c

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fe6296e248536ba0cff3cae3c66396c1

Files

fe6296e248536ba0cff3cae3c66396c1
.exe windows:4 windows x86 arch:x86

9ecb3cd8c9365842728a4e8e9993c3a8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
HeapReAlloc
lstrlenA
GetStdHandle
TlsGetValue
GetProfileIntA
VirtualProtect
GetACP
GetModuleHandleA
GetTickCount
GetAtomNameA
LoadLibraryA
FindAtomA
HeapWalk
GlobalUnlock
CloseHandle
GetVersion
WaitForSingleObject
GetConsoleCP
InterlockedExchange
CompareFileTime

user32

GetSubMenu
GetDlgItem
GetWindowTextA
UpdateWindow
GetKeyboardLayout
PaintDesktop
SetWindowPos
EnableScrollBar
DestroyMenu
SubtractRect
DispatchMessageA
ShowWindow
CopyRect
LoadIconA
PostMessageA
MessageBoxA
TranslateMessage
EqualRect
PostQuitMessage
ModifyMenuA
CreateCaret
InsertMenuA
DialogBoxParamA
SetPropA
InflateRect
GetScrollRange
GetMenuStringA
GetMenu

msi

MsiEnumProductsA
MsiEnumClientsA
MsiDoActionA
MsiGetMode
MsiCloseHandle

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ