01df55797e64d901ee0d8ef46ca7818b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01df55797e64d901ee0d8ef46ca7818b
Size

108KB
MD5

01df55797e64d901ee0d8ef46ca7818b
SHA1

b17a06c9f778ad30873d68d1fdc1f9592afada8c
SHA256

22ade944866ab0842a3d8687ba583ea656ccff60d5c0f8e2f4cb1af90e9fff5f
SHA512

9f57e31010211615331cdb0287cf712cc1216d08863c43236b121dfec6db9f09f10f4d00dc52fb111535fbfb9c21c47f6fb1488de6aaf457212dc4ad4ac1dee1
SSDEEP

1536:x+kp0BkUt9bHIxF/UkXywjrIuGXy1CkEy0xEYyv:x30BkwoxF/U+ywjsuGX80x5yv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01df55797e64d901ee0d8ef46ca7818b

Files

01df55797e64d901ee0d8ef46ca7818b
.exe windows:4 windows x86 arch:x86

55f57b790aebee5ba3aeb08caf9952c4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleAliasExesA
GetConsoleOutputCP
GetDiskFreeSpaceA
FreeEnvironmentStringsA
GetThreadPriority
SetFileAttributesA
VirtualAllocEx
CreateMutexA
FindFirstFileExA
PurgeComm
VirtualLock
DuplicateHandle
GetFileInformationByHandle
GetLogicalDrives
Module32First
GetWindowsDirectoryA
GetExitCodeProcess
VerSetConditionMask
GetTempPathA
RequestWakeupLatency
GetNumberOfConsoleFonts
WaitNamedPipeA
SetProcessPriorityBoost
GetOEMCP
SetEnvironmentVariableA
SetEvent

user32

GetListBoxInfo
ExcludeUpdateRgn
CreateIconFromResourceEx
CharPrevExA
CalcMenuBar
CreateDesktopA
SetDoubleClickTime
PackDDElParam
GetAsyncKeyState
CreateWindowExA
MoveWindow
GrayStringA
FindWindowA
GetCapture
GetCursorPos
GetParent
SetMenuItemBitmaps
GetAltTabInfoA
EndDialog
LoadAcceleratorsA
CreateWindowExA
GetClassInfoA
FrameRect

gdi32

GetGlyphIndicesA

advapi32

CredIsMarshaledCredentialW

opengl32

glFeedbackBuffer
glFinish

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ