Static task: static1
Behavioral task: behavioral1
Sample: 6535f452b495e7a00c1ea75df48c7979.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 6535f452b495e7a00c1ea75df48c7979.exe
Resource: win10v2004-20231215-en
General
Target: 6535f452b495e7a00c1ea75df48c7979
Size: 71KB
MD5: 6535f452b495e7a00c1ea75df48c7979
SHA1: f2c793f23dbf7de41258392a026060e228a8aff8
SHA256: 9e66790c4b3428570b3a6ea514dc62ef2671a2d36febaac5c748b43e4f474736
SHA512: c8856a7e05ca7a088599f5ea13a6080d007ec101b35b68318fb7bd161274d9e35523b7651a0b2004ffeb9fdd7936a0ffac15a7e68d4e3fa9453a9dcab6a68df8
SSDEEP: 1536:U/B+E61OoRS3UXBf0MaUhqlyAoQMjes6OobuUOCwihCWOxqd:8D67xXfJAjMKs6OoyULn13
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6535f452b495e7a00c1ea75df48c7979
Files
6535f452b495e7a00c1ea75df48c7979.exe windows:4 windows x86 arch:x86
8e55489c19db8adb9e123edf2f1d7c33
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
GetLastError
EnterCriticalSection
GetDriveTypeA
GetExitCodeThread
CreateProcessA
GetVersion
RtlUnwind
GetModuleHandleA
WaitForMultipleObjects
HeapFree
GetTimeFormatA
lstrcatA
CompareStringW
GetLocaleInfoA
DeleteFileA
GetSystemDirectoryA
WaitForSingleObject
MapViewOfFile
lstrcpynA
msvcrt
_ftol
_exit
strrchr
__setusermatherr
strncat
free
wcsrchr
fseek
malloc
wcschr
qsort
memmove
Sections
.text Size: 66KB - Virtual size: 65KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ