075db71592793f2e50917c3000001a1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

075db71592793f2e50917c3000001a1e
Size

985KB
MD5

075db71592793f2e50917c3000001a1e
SHA1

ea9d3eddfe8bedde471a42e101d9ad6362cd3098
SHA256

8732720233714ecac50df4eb4ac58a240d3d832eea6daa358f19e853eba2090a
SHA512

f5978568a852589476da271e55ca6df45ad13d5839284f74565348bcd458428623b3bde7848a2aed867c915495f719f73e749bb02e5c69dfa570f793ac749732
SSDEEP

24576:g2kAOL9OBy4UUA/m0xkVfqTEKVfl4oRHzcq:g2DJBy4UU6mlV+HL1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
075db71592793f2e50917c3000001a1e

Files

075db71592793f2e50917c3000001a1e
.exe windows:4 windows x86 arch:x86

a9f6bf9d8504e3fe9c52edecb4c1bb56

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

GetCommandLineA
ExitProcess
GetStartupInfoA
Beep
Module32NextW
LocalReAlloc
WritePrivateProfileSectionW
ReadFileEx
GetConsoleScreenBufferInfo
PeekNamedPipe
PeekConsoleInputW
GetThreadPriority
GetVersion
lstrcmpA
WriteConsoleInputA
GetPrivateProfileStringA
GlobalCompact
GetTimeZoneInformation
QueueUserAPC

user32

SetPropW
SetRect
GetUserObjectInformationA
DdeClientTransaction
CharLowerW
AlignRects
SetWindowsHookExA
CtxInitUser32
DrawCaption

gdi32

PatBlt
GetStringBitmapW
CreateICA
GetFontResourceInfoW
EngCreateDeviceSurface
GdiCreateLocalMetaFilePict
PolyPatBlt
ScaleWindowExtEx
GdiDescribePixelFormat
STROBJ_dwGetCodePage
CreateEllipticRgn
EngCreateSemaphore
CreateRectRgnIndirect
CreateRectRgn
GetTextCharacterExtra
GetFontResourceInfoW
EngMultiByteToWideChar

Sections

code
Size: 4KB - Virtual size: 5.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

data
Size: 872KB - Virtual size: 876KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ