0655612ef296af6e257d82400552eaf0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0655612ef296af6e257d82400552eaf0
Size

209KB
MD5

0655612ef296af6e257d82400552eaf0
SHA1

5636294ee47df6bda438359a30c8156294cfa3be
SHA256

87ec91d032a49a6493de48d594ccc895c13eaff19058073b760009de545e6ce8
SHA512

1f7df6fc17e4bc492caf52eb65b35f2ae1eafc8b8dd874b65517ade2bf5644d721a3e8764cfd724d9811fe1e8faab3c3cdcb935d7eb528173703bb11f012afdc
SSDEEP

6144:LG4E20gCavXnFCdzs9bauerqY9t70VRLIU2pLG:LG4EKdCdz2b4ZtaRKpLG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0655612ef296af6e257d82400552eaf0

Files

0655612ef296af6e257d82400552eaf0
.exe windows:4 windows x86 arch:x86

56c4e948b2c9e1cf69993469b9ea6512

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedExchange
WaitForMultipleObjects
GlobalUnlock
AddAtomA
GetTickCount
LoadLibraryExA
lstrlenA
VirtualProtect
HeapReAlloc
CompareFileTime
HeapCreate
WaitForSingleObject
GetModuleHandleA
SuspendThread
GetCommandLineA
GetConsoleCP
GetProfileIntA
CloseHandle
GetStdHandle
GetVersion
GetSystemDefaultLangID

user32

PostMessageA
SetWindowPos
TranslateMessage
GetKeyState
GetDlgItem
PaintDesktop
ModifyMenuA
DrawCaption
GetKeyboardLayout
DestroyMenu
GetWindowTextA
InsertMenuA
EqualRect
GetMenuStringA
CreateCursor
MessageBoxA
CreateCaret
FindWindowA
DialogBoxParamA
DispatchMessageA
IsDialogMessage
SetPropA
EnableScrollBar
SubtractRect
CopyRect

netapi32

DsRoleFreeMemory
DsGetDcNameA
DsRoleCancel
DsGetDcOpenA
DsGetDcNextA

dnsapi

DnsStatusString

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 816KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ