6401336e141139842e1ff6e8fd502b5b | Triage

Sharing

General

Target

6401336e141139842e1ff6e8fd502b5b
Size

23KB
MD5

6401336e141139842e1ff6e8fd502b5b
SHA1

68ca62a914759e9c2138fe3f31c83189b229a4ba
SHA256

7397ee4a479aa53ba36b778972791224e6240c2b83de0c42046650b5fc3740c0
SHA512

3276c7bbc5ee6239d361cafc8aa2412f6b4a1c9f6fa2a8b7ae8b7e182486554e46e4e786ae266b96a057ec0eb05429ebd360665f81ff46031320dd75864f161a
SSDEEP

192:EpJKivee3quda6daZ84JJoZGT7MyMJX7l+VutX9IfzbCGnMpmdHmP7A4oz4lX4Sc:EWMHF5C+LFpGddOH91n2CtgL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6401336e141139842e1ff6e8fd502b5b

Files

6401336e141139842e1ff6e8fd502b5b
.exe windows:4 windows x86 arch:x86

460742357673be33a99dfff8236f92fd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
OpenProcess
GetProcAddress
LoadLibraryA
GetModuleHandleA
Sleep
CreateToolhelp32Snapshot
ReleaseMutex
CreateMutexA
GetCurrentProcess
GetCurrentThreadId
Process32First
Process32Next
GetLastError
CreateThread
lstrlenW
WideCharToMultiByte
SetUnhandledExceptionFilter

user32

GetInputState
FindWindowExA
FindWindowA
wsprintfA
SendMessageA
GetMessageA
PostThreadMessageA
PostMessageA

advapi32

RegSetValueExA
LookupPrivilegeValueA
RegCloseKey
RegOpenKeyA
OpenProcessToken
AdjustTokenPrivileges

ole32

CoCreateInstance
CoInitialize

oleaut32

SysFreeString
VariantClear

wininet

InternetOpenA
HttpOpenRequestA
HttpSendRequestA
InternetCloseHandle
InternetConnectA

msvcrt

_strlwr
memcpy
free
malloc
strlen
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z
_stricmp
_onexit
memset
__dllonexit

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE