6471b5162f6142c856c660833270b71e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6471b5162f6142c856c660833270b71e
Size

116KB
MD5

6471b5162f6142c856c660833270b71e
SHA1

c97a3f7b2786cc3047aee48278c096abdf94bc98
SHA256

e68409e5043eca84216e11e1b3aee47333da9031fb7cfc884067cae0a28602ef
SHA512

52dd2b9e79d07489aa12cccb4ec62e4bffca27598c76ae23fd3ee54f248dbd79fcd2eea468948aab0c5f4a515ac442f781d16048fb741f8fe48d69a39a23788a
SSDEEP

1536:DisNZRh502fmUcbaz8a8oVHI4DpTX1ErM64S35pKjWPZWVE7ggR5a8QqK/cHoe4:DiORvQaYeIkX+rMYJpKjeZWGs6PQZcI5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6471b5162f6142c856c660833270b71e

Files

6471b5162f6142c856c660833270b71e
.exe windows:4 windows x86 arch:x86

b4e2ded627cf874a5134dc23e412642d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThread
LoadLibraryA
LocalAlloc
GetFileType
GetSystemInfo
LocalFree
GetCurrentDirectoryA
CompareStringA
CloseHandle
GetVersion
GetModuleHandleA
GetProcAddress

user32

EndPaint
GetFocus
GetKeyState
DispatchMessageA
TranslateMessage
BeginPaint
GetMessageA
CharNextA

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ