ef247ae826199ba0267dec5764bfec6d[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef247ae826199ba0267dec5764bfec6d.exe
Size

392KB
MD5

ef247ae826199ba0267dec5764bfec6d
SHA1

c6747e6f9b0979321d821ba0823aac2d8fa549be
SHA256

4774891332fbeb5194ef9b948c22c28095d1f23c0a407e0e4f589d585bce6ef9
SHA512

8201cfab42ead36ee26910f4cc18d3ecf086e00a76532b2df711bad5a7652e09cc34a627c78fa948feaaae5a8d88df50fe3915c599e1e52c403a6f94c4ad0d7c
SSDEEP

6144:UK1wG0fljKQIZhzc7HVHtf5vuyh+ajZCsuAMXMzFHCD/yr07oAH4qCiAvE:UK/ApUvsfRh+ajZCBAMXoUK0VHPMvE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef247ae826199ba0267dec5764bfec6d.exe

Files

ef247ae826199ba0267dec5764bfec6d.exe
.exe windows:4 windows x86 arch:x86

6a1ffc57a51a4c26e7049625af3befbf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateFileA
HeapDestroy
ReleaseMutex
HeapCreate
CreateMutexA
GetACP
FindClose
GetLastError
GetModuleHandleA
TlsGetValue
GetProcessHeap
LoadLibraryExW
SetLastError
UnmapViewOfFile
SetConsoleCursorInfo
ExitThread
LocalUnlock
GetEnvironmentVariableA
FindResourceA

user32

IsWindow
GetFocus
CopyRect
GetDC
DrawMenuBar
CallWindowProcA
GetDlgItem
FillRect
DrawEdge
DispatchMessageA
DefWindowProcW
GetIconInfo
CheckRadioButton

uxtheme

DrawThemeIcon
GetThemeSysInt
GetThemeRect
DrawThemeText
DrawThemeEdge

clbcatq

SetupOpen

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ