062e337cde1f1138e739fdb92b7e6e42 | Triage

Sharing

General

Target

062e337cde1f1138e739fdb92b7e6e42
Size

48KB
MD5

062e337cde1f1138e739fdb92b7e6e42
SHA1

03baf659729c89d33c29252925cd35691a7b5efe
SHA256

6155e358ce7b6138316ad803d10113518aee78e24d75efc7a608d59903dede37
SHA512

aa968bd8a74806d50c4651bdc888efeb70008226ca3df7a13e95b20ff46861a8f94bde7eaa4c9072570ddd6918192fa3cf608b728b158352d3d66878695ed97f
SSDEEP

1536:h0t2Gv0M6ab3cMGOB3w6yWBWcndBnrD0Ol26pWY:u2Gv0M6abME1rWcdZ/ll26pz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
062e337cde1f1138e739fdb92b7e6e42

Files

062e337cde1f1138e739fdb92b7e6e42
.exe windows:5 windows x86 arch:x86

cea24a9b5ea41aa4ee4ed949c387658f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateProcessW

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
PathRemoveFileSpecW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfW

user32

CloseWindowStation
EndDialog
FindWindowExA
GetClassNameA
GetWindowLongA
GetWindowTextA
GetWindowThreadProcessId
PeekMessageA
SetProcessWindowStation

Sections

.xyf
Size: 39KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.olyz
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zwzab
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ