160009ef68ddeba296ccafe58d6671cd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

160009ef68ddeba296ccafe58d6671cd
Size

32KB
MD5

160009ef68ddeba296ccafe58d6671cd
SHA1

87ec45141837541ae9ffd39175872f110d22dd02
SHA256

ba6cdca88de0446843d63db282380a40952704ff9a7703da44ae249f218a8da4
SHA512

e657e3f44ef78c3f9c89f5bea8053e0a4b8c7f8166266f3846d0dcc997b1b1904a4f70c01a9ec28ac3b2ba1d5c996799a990b13a33188fd10ff431fe71339faf
SSDEEP

768:YehEFQk2fHQHd6F9ZzyYOVpGA8nQQ4EF3VT:phEFMQHd6FDPOGA81x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
160009ef68ddeba296ccafe58d6671cd

Files

160009ef68ddeba296ccafe58d6671cd
.exe windows:1 windows x86 arch:x86

46ca14a90343b9cb02b9a4a8d3307b79

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateWindowExA
LoadIconA
LoadCursorA
RegisterClassA
GetMessageA
DispatchMessageA
DefWindowProcA
SetWindowLongA

gdi32

CreateSolidBrush
SelectObject

kernel32

GetCurrentThread

shlwapi

StrChrA

Sections

.idata
Size: 512B - Virtual size: 474B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.code
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE