640827fa51016f65f6436b9ea887fc91 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

640827fa51016f65f6436b9ea887fc91
Size

244KB
MD5

640827fa51016f65f6436b9ea887fc91
SHA1

f01cff4624e86551229ff6527d62755631e84887
SHA256

32a63de4bbc224a80d60463b68c2ec38f97a2763b404b63fa6319af3442ff88b
SHA512

4f2a61eceb32497593e1e5e2003bbf9028fe6a4edd50b781e25a0f0dddcece878713ef3b19a110292bc3a76bc8f2f77895dfa9d5b31a86a161a53168ecd2e769
SSDEEP

6144:8cosW0MWzp4HRiFh0BR/UslAcBOBmyDjzvM4Anlpo:8xUzux7BR/ZAcBOEyDjDTAl6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
640827fa51016f65f6436b9ea887fc91

Files

640827fa51016f65f6436b9ea887fc91
.exe windows:4 windows x86 arch:x86

8cd08ff3e6185d3cafaebc7cd34e50b2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSetInformation
GetQueuedCompletionStatus
GetNumberFormatA
GetThreadPriority
HeapDestroy
VirtualFree
ReadConsoleOutputCharacterA
MoveFileA
lstrcmpiW
SetSystemTimeAdjustment

user32

GetInputState
AttachThreadInput
SetWindowsHookExW
CascadeWindows
GetKeyboardLayoutNameW
EnumDesktopsW
DispatchMessageW
GetSysColor
UnhookWindowsHookEx
DefDlgProcA

gdi32

SetAbortProc
LineTo
SetWorldTransform
StartPage
ChoosePixelFormat
GetCharWidth32A
StartDocW

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE