06585149c47ba242fb1e90b60ade34e0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

06585149c47ba242fb1e90b60ade34e0
Size

61KB
MD5

06585149c47ba242fb1e90b60ade34e0
SHA1

94c09fba8fa0fac9ce630624fb7d2a44d8fcda80
SHA256

18dfd9029b219eb4fde6ea10cbe8a22f4aeab5f1f97d8918f9bb94b7d65d2f98
SHA512

dd2d322e3dfa654de6320d10b282cc5c193cd6942fe1a40fc9ff5a72c01b215e5c32dbeb6fcbdb197e8b34704ecb25ad6d5391b7cb948b6c9b301ab5ec80f685
SSDEEP

1536:Zru1FfdTHoXTuY+yYcKQ/6yTsAtR3FfZ/EK2rxx0ccpC+X:k1FfJUuY+3ct/6yTh3F6KoxRcpC+X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06585149c47ba242fb1e90b60ade34e0

Files

06585149c47ba242fb1e90b60ade34e0
.exe windows:4 windows x86 arch:x86

ab6065e7ada82c7ebcf354f1040ac274

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
OpenEventW
CreateFileA
SetLastError
SetConsoleCP
OpenProcess
SetEvent
ClearCommBreak
GetFileAttributesA
ResetEvent
DeleteFileA
HeapSize
GetTickCount
GetEnvironmentVariableW
WriteConsoleA
ReleaseMutex
GetModuleHandleA
RemoveDirectoryA
ExitProcess
GetCommandLineW
VirtualAllocEx

user32

GetCaretPos
PeekMessageA
GetClassInfoA
FindWindowA
GetSysColor
GetDC
GetDC
DispatchMessageW
GetKeyState
DispatchMessageW
GetCursorInfo
CallWindowProcW
GetWindowLongA

linkinfo

CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 55KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE