661ea0dfa82e8d2eeb505c90ac5c2807 | Triage

Sharing

General

Target

661ea0dfa82e8d2eeb505c90ac5c2807
Size

413KB
MD5

661ea0dfa82e8d2eeb505c90ac5c2807
SHA1

a1955a1a5f9e5ee2baa6539cf0b738052b108324
SHA256

d900f7f31535fd3360ebddbc4c675fe3fe6de6d0a603b3c1c42f5bec14ec4e11
SHA512

ace3d807850128cb5425540527f1657734b794714291626190b06bbbde251a6a86af14c5b1b1b8b4bca3da969668d2f0e2d737ad811f6edadcee0205654a1d02
SSDEEP

6144:QYWXQ7r0pjst48BVA0gP+VdQnQCgIwe/xSqF5loDOvOYbHgG8vpCWS9cXASj8k:3AjCvM0hdCQEptoqvO6AG8Md9cQS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
661ea0dfa82e8d2eeb505c90ac5c2807

Files

661ea0dfa82e8d2eeb505c90ac5c2807
.exe windows:4 windows x86 arch:x86

f3805741300d47f8a4795ba52df1ea15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetUserDefaultLangID
CloseHandle
GetProfileStringA
CreateJobSet
GlobalLock
GetProcessHeap
EnumDateFormatsA
VirtualAlloc
FindAtomA
CreateMailslotA
LocalHandle
GetModuleHandleA
GetVolumePathNameA
GlobalFree
EnterCriticalSection
GetProfileIntA
GetTapeStatus
GetOEMCP
GetStdHandle
ExitProcess
GlobalFlags

user32

GetWindow
ReleaseDC
IsIconic
GetClassNameA
GetFocus
CloseWindow
EndPaint
BeginPaint
GetWindowTextLengthA
GetForegroundWindow
ShowWindow
GetDC
GetActiveWindow
GetWindowTextA
GetParent
ValidateRect
RegisterClassA
DrawEdge
GetClassInfoExA

gdi32

GetColorSpace
CreateDCA
GetCharWidthA
CreateDIBitmap
ExtCreatePen

sxs

SxsLookupClrGuid

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ