f65df9bbebd2d2e36eb15f20fc287354 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f65df9bbebd2d2e36eb15f20fc287354
Size

988KB
MD5

f65df9bbebd2d2e36eb15f20fc287354
SHA1

e1a24fd9a67fcef7caf22e965eefcb54d596a9f4
SHA256

dde204d8ddc2cf0250731545eb257d339c4e9761e69b8c016755f8fdd4c1ce7f
SHA512

6addb36c06713b417944dee72bbc0f58489f31c13a26365c7ff22c08b2f7ca6d5f98a1b5184f15d4676ef8ff23f48dfb033027b5ab655bcf5227b7e51ca111a2
SSDEEP

3072:UE34/GAlTBuOrXFDM7HCYXBnT8S4RVoNch3uJDSqOD3BnZI4LzuEvazliy:QblTsN7imiSWVdh8Gt3FZLLzudzli

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f65df9bbebd2d2e36eb15f20fc287354

Files

f65df9bbebd2d2e36eb15f20fc287354
.exe windows:4 windows x86 arch:x86

1fc83913e26c6cee8c98f15e43a5f0ba

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseMutex
SetEvent
CreatePipe
TlsGetValue
GetLargestConsoleWindowSize
CancelWaitableTimer
AddAtomA
GetThreadLocale
GetExitCodeThread
CreateMutexA
GetUserDefaultLangID
GetThreadTimes
GetOEMCP
TlsFree
IsDBCSLeadByte
VirtualAlloc
GetConsoleCP
GetDefaultCommConfigW
GetThreadPriority
CompareStringA
GetModuleHandleA

user32

InvalidateRect
GetWindow
RegisterClassA
GetDC
GetWindowTextA
ValidateRect
GetFocus
GetForegroundWindow
GetClassInfoExA
IsIconic
IsWindowVisible
ReleaseDC
ShowWindow
ReleaseDC
CloseWindow
GetActiveWindow
GetWindowTextLengthA
GetSystemMetrics
GetClassNameA

tapi32

MMCSetLineInfo
MMCInitialize
MMCSetPhoneInfo
MMCShutdown
MMCSetServerConfig

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 772KB - Virtual size: 772KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 40B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ