563ffe5dcf0e2d4873b4c657aca5cf1e | Triage

Sharing

General

Target

563ffe5dcf0e2d4873b4c657aca5cf1e
Size

241KB
MD5

563ffe5dcf0e2d4873b4c657aca5cf1e
SHA1

e6cbd492b2605c1c7d4daa9f6918e27af9b9a01f
SHA256

e3e3811138dc1f9248798a8858afe551289e3c2aea5a3c93338d99a7e868248f
SHA512

a05a0dc9668a778c68a510b410de048734d59c49927144edd0c0fa62da2ab38c6afd28987a1335ec369649c98dc0b05982f5e4ee5961c5840d74d021e2b421c5
SSDEEP

6144:YViFvrtIMcYVmvo0Xuu8Vkz09ezRrJD4OHuPeN:YVQrtVcYovoSuu8Vkz09GJhHyeN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
563ffe5dcf0e2d4873b4c657aca5cf1e

Files

563ffe5dcf0e2d4873b4c657aca5cf1e
.exe windows:4 windows x86 arch:x86

342a33d9b48c40bb82503187aeb29aee

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
LocalFree
GlobalFree
GetStdHandle
GlobalAddAtomA
lstrcpyA
GlobalAddAtomA
WriteProfileStringA
SetConsolePalette
LoadResource
GlobalUnlock
GetOEMCP
RaiseException
DeleteAtom
GetLastError
IsBadCodePtr
FreeConsole
VirtualProtect
LoadLibraryExA
EnterCriticalSection
CloseHandle

user32

GetClassInfoExA
EndPaint
ShowWindow
ValidateRect
GetDC
GetParent
GetClassNameA
GetWindowTextA
GetWindowTextLengthA
GetActiveWindow
BeginPaint
ReleaseDC
GetForegroundWindow
GetWindow
DrawEdge
AlignRects
IsIconic
GetFocus
CloseWindow

mprapi

MprAdminUserGetInfo
MprAdminUserClose
MprAdminUserWrite
MprAdminUserRead
MprAdminUserOpen

linkinfo

CreateLinkInfoA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ