65a3a65ddc3392e2a1f951be6a753332 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65a3a65ddc3392e2a1f951be6a753332
Size

717KB
MD5

65a3a65ddc3392e2a1f951be6a753332
SHA1

a0fc795d0cb2b40c4b065cd817a924190dc0ca96
SHA256

0d3a824d563d26a8f5ed4d69c40ad52db924c58a7fb5de6e2e9f04f64d416457
SHA512

599e2fe9e77f2bacc2a2e32f80f19c7de163586413bce2d0a18669a39659c57d42adbbde12e8994c86a8f81a77e85dac7b0c38dde99569a5ed2a94f3cd8e84e4
SSDEEP

12288:maUqxSEDT5n4GhQn8LnzB4XG0wBtuycNTpvWLQ8c9GwtW8rsxyC3fpQ:PkyTyxnSN4XG00tsL+LQ8cswQwsYC3hQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65a3a65ddc3392e2a1f951be6a753332

Files

65a3a65ddc3392e2a1f951be6a753332
.exe windows:4 windows x86 arch:x86

af6cbddb65931522546c8e78b13ac579

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
lstrlenA
TlsFree
InterlockedExchange
GetConsoleCP
CloseHandle
SetEvent
ResetEvent
GetProfileIntA
HeapWalk
HeapReAlloc
GetTickCount
GetModuleHandleA
GetVersion
GetAtomNameA
WaitForSingleObject
CompareFileTime
GetACP
VirtualProtect
GlobalUnlock
FindAtomA

user32

EqualRect
ModifyMenuA
GetWindowLongA
GetWindowTextA
SetSysColors
CopyRect
DispatchMessageA
InflateRect
DestroyMenu
ScrollDC
SetWindowPos
GetKeyboardLayout
DialogBoxParamA
MessageBoxA
PostQuitMessage
InsertMenuA
LoadIconA
PostMessageA
GetScrollRange
GetParent
GetMenu
GetMenuStringA
EnableScrollBar
TranslateMessage
SetPropA
GetDlgItem
ShowWindow
GetSubMenu
UpdateWindow

msi

MsiGetMode
MsiCloseHandle
MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ