657d60a19cb536a7a3ee6b83883d2e5c | Triage

Sharing

General

Target

657d60a19cb536a7a3ee6b83883d2e5c
Size

171KB
MD5

657d60a19cb536a7a3ee6b83883d2e5c
SHA1

1ae40a716690a0e6be8f7601b141e39a17a6c941
SHA256

7941a77375f60f9d508680016925f78267c240767fa9c88db54e69f8798b2cd1
SHA512

1067b6fe1250c2d93a706981c188d5808255c1df461809a39105a940e60f10787153d0cf2206c206125f17d4f5e7e4683e49dc4de3c5c84fe014ca9284801878
SSDEEP

3072:Yhw4EgMc/Q1pv2zN3LCej5ead0qgWgfcqoMIvPaHufsMbRiR4h4lRxw:YGe2VWBCCLdh/Eat65eQRM4lR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
657d60a19cb536a7a3ee6b83883d2e5c

Files

657d60a19cb536a7a3ee6b83883d2e5c
.exe windows:4 windows x86 arch:x86

6023de6a79f2af8f72e6ee3e99c54846

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
FileTimeToSystemTime
EnterCriticalSection
ResetEvent
IsDBCSLeadByte
GetFullPathNameA
CreateThread
LoadLibraryW
DeleteCriticalSection
GetTimeZoneInformation
SetEvent
OutputDebugStringA
EnumResourceNamesA
GetProcAddress
VerLanguageNameA
lstrcpyA
LeaveCriticalSection
GetTempPathA
WaitForSingleObject
GetTickCount
LoadLibraryA
Sleep
GetFullPathNameW
InitializeCriticalSection
FreeLibrary

msimg32

AlphaBlend
TransparentBlt

winmm

mciSendCommandA
sndPlaySoundA

setupapi

InstallCatalog
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

shlwapi

PathAddBackslashA

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ