646d5e0aa467a84f22d28c1f862f0855 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

646d5e0aa467a84f22d28c1f862f0855
Size

37KB
MD5

646d5e0aa467a84f22d28c1f862f0855
SHA1

3707a432362e6774fa0a36a46bcecc027a1ba04a
SHA256

264259f87dfec6d62cadb308dd5f2dfdc6a1dc639df60c4f82304da4839d2627
SHA512

e71f97fc49d736d3c635ba1d5d34f1ea7d2946bde990be501110a27fb0ace3eff7f72e65eea49862da1ae62f8cf0e04f7ea2b1eadb8136ef67dd4fe0c68617d7
SSDEEP

768:3Egc9disv8xZOoofo1SMEemlmwKaBIhUUBrq5Lt1N:UViCKZZSfX0BaxUdqpt1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
646d5e0aa467a84f22d28c1f862f0855

Files

646d5e0aa467a84f22d28c1f862f0855
.exe windows:4 windows x86 arch:x86

ad76b3775c84a23f24b027ed856a5542

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcA
TranslateMessage
DispatchMessageA
ShowWindow
RegisterClassExA
PostQuitMessage
LoadIconA
LoadCursorA
KillTimer
GetMessageA
CreateWindowExA
UpdateWindow
BeginPaint

kernel32

ExitProcess
VirtualFree
Sleep
GetVersion
GetTickCount
GetProcAddress
GetModuleHandleA
GetCommandLineA

gdi32

CreateCompatibleDC
SelectObject

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 694B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 220B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ