21d8dd7f67580884ced1e7641b17bf7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

21d8dd7f67580884ced1e7641b17bf7e
Size

57KB
MD5

21d8dd7f67580884ced1e7641b17bf7e
SHA1

bc6c627fa8274dd6531f4017f1ef9297e26aa872
SHA256

8450c9525989d570d6111bbb97ef1baba8adbe43f6ef7b096b9e2bc07b899f4e
SHA512

0c6f72b361ab780acffc07789533b3ec41405248ba40e2e7b9ee24dc88a0d0c2e10d7ed0f199313f84c74c71e434330668ee4d4456e13b5ac8345fa7a0e00ac9
SSDEEP

1536:m3uLctVWJWo8yE5M9xlrgpFcTRujoNgABGEsGWBZ:m+L2Xoi6o+FujoNDq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21d8dd7f67580884ced1e7641b17bf7e

Files

21d8dd7f67580884ced1e7641b17bf7e
.exe windows:4 windows x86 arch:x86

9f6cb19355d65517566875cf7781d96c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateIoCompletionPort
CreateThread
DeleteFileA
GetComputerNameA
GetCurrentThread
GetLocalTime
GetProcAddress
GetSystemDirectoryA
GetThreadLocale
GlobalUnlock
InitializeCriticalSection
LoadLibraryA
LocalAlloc
LocalLock
MapViewOfFile
ReleaseMutex
Sleep
WaitForSingleObject
WideCharToMultiByte
lstrcatA
lstrcmpA
lstrlenA

user32

CharNextA
CharUpperBuffW
CreateWindowExW
DeleteMenu
ExitWindowsEx
GetAsyncKeyState
GetWindowRect
InsertMenuItemW
InvalidateRect
IsIconic
LoadMenuW
ModifyMenuW
MoveWindow
PostQuitMessage
RedrawWindow
SendDlgItemMessageW
SetMenuDefaultItem
SetScrollPos
TileWindows

Sections

.text
Size: 53KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 416B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ