c621d69a4d1ba6c38cd085404d8e5721[.]exe | Triage

Sharing

General

Target

c621d69a4d1ba6c38cd085404d8e5721.exe
Size

326KB
MD5

c621d69a4d1ba6c38cd085404d8e5721
SHA1

37785d792b598be9a264d38c3d9b09960b5a61f9
SHA256

806100a854f42224f26ac21b75f36839a1bf67f2756b9838e8de0cd5214d4d48
SHA512

6daf7e59d4e3eedff38d7b84afd7d01694b253127c21b418fa12a169b5d08bd1203de8ce5b94e9aa55e298bbd777ef8ff8afb6ea18353c442bf9c8fec33943d2
SSDEEP

6144:pqwD+X1xQatU+1CEJp4XEt8l3aw9Y6zfJvkeitTDYWMtrDVmCfNuI2RINhoDPnrt:PO1xm+QoK0t4K3gCTDYWGrYzt+NSTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c621d69a4d1ba6c38cd085404d8e5721.exe

Files

c621d69a4d1ba6c38cd085404d8e5721.exe
.exe windows:4 windows x86 arch:x86

078c46742cf75f036ee0f3440351c06d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryW
GetComputerNameA
GetDiskFreeSpaceA
CreateThread
FindVolumeClose
Sleep
GetModuleHandleA
SetLastError
LocalFree
ResetEvent
HeapCreate
GetSystemTime
LocalUnlock
CloseHandle
GetCommandLineW
lstrlenA
GetDateFormatA
CreateFileA
UnmapViewOfFile

user32

IsWindow
GetDC
SetFocus
CheckRadioButton
GetDlgItem
GetComboBoxInfo
DrawStateA
DispatchMessageA
FillRect
DrawEdge
DrawMenuBar
CallWindowProcA
CreateWindowExA

advapi32

IsTokenUntrusted
RegCloseKey
RegDeleteKeyA
FreeSid
RegEnumValueA

sysdm.cpl

NoExecuteAddFileOptOutList

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 732KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ