c69485dc81940d34b0dd5db6ea7fb7a0[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c69485dc81940d34b0dd5db6ea7fb7a0.exe
Size

173KB
MD5

c69485dc81940d34b0dd5db6ea7fb7a0
SHA1

ba2f9db831a7cd374377834a495f0ab71774c179
SHA256

7866d14ab8f7576be023e2151ad85f361b0c2cf888706302dd619d6778356961
SHA512

8d892e7c414ad78bcccd20869296f2846b3b6ecf23fe00799595c32cca4a29fd2a023e5bcadc46871c272543aa6f6cc9fb9540ccd69a6a1fc2f7b455b57ab4ad
SSDEEP

3072:qQnhL2EZbtzXFGpiach6zl1UDPmu1V7/Fcn444+SV7GoE5cgbK3CHx+IkxNnPP44:qQXZbNXXezlOh7/t+Sio2bK3CII0rZak

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c69485dc81940d34b0dd5db6ea7fb7a0.exe

Files

c69485dc81940d34b0dd5db6ea7fb7a0.exe
.exe windows:4 windows x86 arch:x86

54ddc180d6ef70333d4ef532340aceb6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetHandleInformation
GetVersionExA
TransmitCommChar
LoadLibraryW
EnumResourceNamesW
ExitProcess
ExitProcess
LocalFree
LocalAlloc
GetModuleFileNameA

gdi32

DeleteDC
CreatePen
StretchBlt
BitBlt
SetStretchBltMode
SelectObject
LineTo
GetObjectType
CreateCompatibleDC
CreateDCW
CreateDIBSection
CreateBitmap

winmm

timeGetTime

gdiplus

GdipGetImagePixelFormat
GdipGetImageWidth
GdipCreateBitmapFromFile
GdipGetImageHeight
GdipDisposeImage

comctl32

ImageList_DragMove
ImageList_DragLeave
ImageList_DragEnter

msimg32

AlphaBlend
TransparentBlt

user32

ClipCursor
FindWindowA
CreatePopupMenu
RedrawWindow
TrackPopupMenuEx
DestroyMenu
GetDesktopWindow

ole32

CoFreeUnusedLibraries
CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance

Sections

.text
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsr
Size: 512B - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ