65db427a0c1a9eb0757de4534140c573 | Triage

Sharing

General

Target

65db427a0c1a9eb0757de4534140c573
Size

803KB
MD5

65db427a0c1a9eb0757de4534140c573
SHA1

397b86c5f4a113c9e105ad3940baf0eaa8b5fd2a
SHA256

a60d14d80ef4cd4f282f370cd3bf8d86e0b1ed66a8be1b02139b4f29cba1e21f
SHA512

4debd2a0a66fbcdbca6280ac48de0887283dd47f724e76b411885c5988797bfd9c8e0557411bcfe741a0d8c7e186ff3142d0fb246c1ec6e4a614c021938c1a08
SSDEEP

24576:5rnn5XM5blht4qGe1/YMGL94gDdYygQf86Qf:9Gl1gMw94gxYDNNf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65db427a0c1a9eb0757de4534140c573

Files

65db427a0c1a9eb0757de4534140c573
.exe windows:5 windows x86 arch:x86

63bc89602235ff78220e70fdead1a054

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileW
SetFileTime
DeleteFileW
HeapDestroy
OpenMutexA
VirtualProtectEx
GetModuleHandleA
GetDriveTypeW
GetCurrentThreadId
DeleteFileW
LeaveCriticalSection
FindAtomW
CreateDirectoryA
OpenEventW
GetFileAttributesA
GlobalFlags
GetTickCount
GetModuleFileNameA
PulseEvent
InterlockedExchange
GetConsoleMode
CreateFileW
GetProcessVersion
SetFilePointer
GetVolumePathNameA

user32

GetWindowLongA
PeekMessageA
SetFocus
wsprintfA
IsMenu
DestroyIcon
GetWindowTextA
LoadCursorA
SetRect
GetWindowLongA
DestroyMenu
DispatchMessageA
MessageBoxA

dot3msm

Dot3MsmFreeProfile
Dot3MsmDisconnect
Dot3MsmDeInit
DllMain

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE