Static task: static1
Behavioral task: behavioral1
Sample: 260d3646590d810219cedda365e3d13d.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 260d3646590d810219cedda365e3d13d.exe
Resource: win10v2004-20231215-en
General
Target: 260d3646590d810219cedda365e3d13d
Size: 182KB
MD5: 260d3646590d810219cedda365e3d13d
SHA1: cb8c3d80a08774bf7b9ce02f737899f67424853c
SHA256: 713191e99ab5d801d745627077a95485cbdc5ba97fff43f75f9de5eee8557f83
SHA512: ef271dc67f8feac19a8f0a3a0b9ce96498b6a0e9f9c9d5408a8a2d82d3cbdee509e26f6e4ee06f8eb9d8cedacb8b94741757d58eecfc07b88253ffd37bb7fa54
SSDEEP: 3072:1oGz3Wri8bmq1BdU09QNdVC7QCDJRIsCWdm+F8uApaTdJWe/cH+9VIN/AYBYx/:1IBdU0mQJ7sWrDApYke9V3MYx/
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 260d3646590d810219cedda365e3d13d
Files
260d3646590d810219cedda365e3d13d.exe windows:4 windows x86 arch:x86
21eb6d3c7d1a4462a483cf683a76e11e
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GlobalReAlloc
GetVolumePathNameW
FoldStringA
FlushInstructionCache
SwitchToFiber
GetConsoleInputExeNameA
LocalUnlock
EnumResourceLanguagesA
UpdateResourceW
VirtualFreeEx
CreateFileMappingA
FlushInstructionCache
GetCommandLineA
ExitProcess
GetStartupInfoA
user32
CreateIconFromResource
LoadKeyboardLayoutA
SetMessageExtraInfo
FindWindowExW
LockWindowStation
CharLowerA
GetClassInfoA
GetDCEx
SetMessageExtraInfo
EndTask
EndTask
GetScrollInfo
ReleaseDC
GetAltTabInfoW
DrawStateA
ChangeDisplaySettingsA
LoadCursorFromFileW
Sections
.text Size: 5KB - Virtual size: 809KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 172KB - Virtual size: 173KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 2KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE