Static task
static1
Behavioral task
behavioral1
Sample
64856ddc6646747d040a667e9dcefb08.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
64856ddc6646747d040a667e9dcefb08.exe
Resource
win10v2004-20231215-en
General
Target
64856ddc6646747d040a667e9dcefb08
Size
21KB
MD5
64856ddc6646747d040a667e9dcefb08
SHA1
217921053a76a0b204081eaed6fc6714556f05f3
SHA256
49ce01fa340f890b83826c47a301f9cfd9de6dc8640f618c5c975b8db711984b
SHA512
900cc39a7d583fd51b835d827b818b1e3ecdff6e4669c4da4601e4a98b1e43fd30777372df7ebdbbf23d09d4b1141ff45263db78121abb226ddf041d5cbfb54a
SSDEEP
96:kYL0LreS9DUMmHkFW+ZmaxTJ7zC9Iy4bTKpwMJRXEyBg9+iLKoFReavi647ykPa8:kiS944R/zwkKpwCRXDBg9+qF4fX+AaG
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 64856ddc6646747d040a667e9dcefb08
Files
64856ddc6646747d040a667e9dcefb08.exe windows:4 windows x86 arch:x86
98323607c9f3df99fd7ea925a92c3b6b
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
lstrcatA
GetCommandLineA
lstrlenA
user32
GetSysColor
GetWindowRect
DestroyWindow
SetFocus
BeginPaint
SetWindowTextA
EndDialog
PostQuitMessage
DispatchMessageA
GetClientRect
TranslateMessage
DialogBoxParamA
EndPaint
GetFocus
gdi32
GetPixel
GetTextMetricsA
GetTextColor
CreateSolidBrush
MoveToEx
GetStockObject
GetObjectA
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 987B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1024B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ