0684613a082fa7636caac7449c5afabb | Triage

Sharing

General

Target

0684613a082fa7636caac7449c5afabb
Size

65KB
MD5

0684613a082fa7636caac7449c5afabb
SHA1

976613ae9ae9633c58d7601eed46c258c9076be0
SHA256

8ac7f77740ec910195b24b77d1aa1f0a1fcb7c92de73657d081cd6f53ac824ac
SHA512

f8c01db7e1c7ad2ad77d6e5b3fe78afa1c44a602c341c92adb105070544e3a7f0f1251c7268c6e88bd60a87e95717eb228c78a9f1c3a48a0e90c6d9e2fa517f4
SSDEEP

1536:+HVFj01flhJGXDHyddtERFC7oHGyzqT6uwXX9Xyyx3YO/x:gl0193sw7SD+2hXo23

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0684613a082fa7636caac7449c5afabb

Files

0684613a082fa7636caac7449c5afabb
.exe windows:4 windows x86 arch:x86

a0c77a269dbd8b532e938a8d332337a0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

wininet

InternetGetConnectedState

gdi32

GetDeviceCaps

user32

MoveWindow

lz32

LZCopy

advapi32

RegConnectRegistryA

shell32

Shell_NotifyIconA

version

GetFileVersionInfoA

msvcrt

memchr

shlwapi

SHDeleteValueA

ole32

CoUninitialize

oleaut32

GetErrorInfo

urlmon

URLDownloadToFileA

Sections

.text
Size: 58KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE