6358156e988d6949aaff105ef89b698e | Triage

Sharing

General

Target

6358156e988d6949aaff105ef89b698e
Size

210KB
MD5

6358156e988d6949aaff105ef89b698e
SHA1

58a74abb99884ee8915007ed242ec6828d98ef97
SHA256

5c93436a22d56eab2beabbfaa1d4f23fb05fa93c8a124ad195c2af41bc3ede23
SHA512

d433bc032d747b2d2ad1f2a9020afe454c5e199faa77365f5990f6e86a0c8519182a3336ad7bc57aa77292594c87f38989b9597bbdfb532a9f80cb8b491a07cd
SSDEEP

6144:T49OgwQbG8M7N33WWKpBZrIVHkDEkP3ggzq79:09OgwQbG8M7NH/KpBFIVHkD3ggQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6358156e988d6949aaff105ef89b698e

Files

6358156e988d6949aaff105ef89b698e
.exe windows:4 windows x86 arch:x86

0561a6dd09024b0e655cd57c3d28484c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProfileIntA
GetConsoleCP
CloseHandle
AddAtomA
HeapCreate
InterlockedExchange
GetVersion
SuspendThread
WaitForMultipleObjects
GetSystemDefaultLangID
GetCommandLineA
GetStdHandle
GetModuleHandleA
LoadLibraryExW
VirtualProtect
GlobalUnlock
GetTickCount
WaitForSingleObject
CompareFileTime
HeapReAlloc
lstrlenA

user32

IsDialogMessage
InsertMenuA
GetDlgItem
CopyImage
CreateCaret
CreateCursor
CreateMenu
GetKeyState
CreateIcon
DrawCaption
FindWindowA
SetPropA
DragObject
GetKeyboardLayout
InvertRect
DialogBoxParamA
GetCursorInfo
SetScrollInfo
MessageBoxA
DestroyMenu
SetWindowPos
EnableScrollBar
CopyRect
DispatchMessageA

advapi32

RegEnumKeyA
RegCreateKeyExA
RegCloseKey
RegQueryInfoKeyA
RegEnumValueA

apphelp

GetPermLayers

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ