f69d2f2296491612597ab5a5b0e82c11 | Triage

Sharing

General

Target

f69d2f2296491612597ab5a5b0e82c11
Size

241KB
MD5

f69d2f2296491612597ab5a5b0e82c11
SHA1

1c48f8946a2e05da4546b2d17809bf742e92da96
SHA256

cabd176a85080cf41f108859b4781bb5853ea5209785faac8c0123d5348d8122
SHA512

d6638ef18988ef38dc64d0ee15d71c2d9a6e6ea1abc72465b2838c7e61416ac8c4a2bd39854e7c17ec24aaff252fd40f5c6bf8238dd26a42e473f149580c577b
SSDEEP

6144:oPm73333WYmpmO6gtf3qLeTQlVUTQrAe6hdhA38fZxYH6TccuXaO:b3333csNgtvqycDUIR6hu8AaTcmO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f69d2f2296491612597ab5a5b0e82c11

Files

f69d2f2296491612597ab5a5b0e82c11
.exe windows:4 windows x86 arch:x86

2ee203ad0a62915dacfd2a7763a2a858

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
GetSystemDefaultLangID
TlsAlloc
TlsFree
GetModuleHandleW
GetCurrentProcessId
GetCurrentProcess
TlsGetValue
GetCurrentThread
lstrcatA
GetCommandLineA
FreeLibrary
GetLogicalDrives
GetDriveTypeW
GetModuleFileNameA
lstrcmpA
GetCurrentThreadId
GetACP
VirtualAlloc
TlsSetValue
GetSystemDefaultLCID

user32

CreateWindowExA
GetFocus
GetClassLongA
GetWindow
GetForegroundWindow
GetWindowTextLengthA
GetWindowLongA
GetWindowDC
IsIconic
GetSystemMetrics
ReleaseDC
RegisterClassA
BeginPaint
GetWindowTextA
GetActiveWindow
IsWindowVisible
GetDC
UpdateWindow
ShowWindow

gdi32

SetTextColor
GetStockObject
SetBkMode
DeleteObject
GetObjectA
SelectObject

msctf

TF_GetThreadFlags
DllRegisterServer
DllGetClassObject
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 604KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 231KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ