644679318cc886f83c2ea95578acbeb7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

644679318cc886f83c2ea95578acbeb7
Size

309KB
MD5

644679318cc886f83c2ea95578acbeb7
SHA1

ac69decd0af49147dbe2bbdf24910dfdf2926846
SHA256

b55b66db0da7e0619d58caebd30eb647063ad692f48fb695fd7c4d6ae356ede5
SHA512

666c5fe97f7b46fcc85e5136ae4e0ff4b8e7c99d2ed291aac06d837f8aa54342a81ccd2c987f157fc72bc8d2bc46124a92bec170f129aa8f182cc046dc6be12c
SSDEEP

6144:vKe0yGF+Gcrv40qwX+9cPJExfzBYgtNC79WdtliqCOAyEt7p:vJxGBCA0RREZzBM9YcqCOAyExp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
644679318cc886f83c2ea95578acbeb7

Files

644679318cc886f83c2ea95578acbeb7
.exe windows:4 windows x86 arch:x86

21872f4307e3f30d762044569d142ef0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
VirtualFree
VirtualLock
VirtualAlloc
GetProcAddress
PulseEvent
GetModuleHandleA
Sleep

user32

InSendMessage
MoveWindow
GetWindowInfo

gdi32

GetBrushOrgEx

ole32

CoInitialize

netapi32

NetDfsAddStdRoot

avifil32

AVIPutFileOnClipboard
AVISaveOptionsFree

Sections

.text
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 512B - Virtual size: 30B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 226KB - Virtual size: 566KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.svata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xgata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE