65c069fb477068b23a4e0759fabb115f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65c069fb477068b23a4e0759fabb115f
Size

38KB
MD5

65c069fb477068b23a4e0759fabb115f
SHA1

9ed1c262a2fae0f8b560ed02214b42643e9cc81c
SHA256

767a51157fe479f1fd7db08e58f31109a6f88fee92c15d0df198848e8c917a73
SHA512

cb22cc2c039a77e95bfc5313c82b776e0f1dcc8687c6fd037ccfceaf0c4be45d9bdc010b52b19dd7bbbdbd5b125ca3c497099c9f0d149e25ca66cd40a94ae237
SSDEEP

768:tLDmnSlLNgL0Yhcnn3VsWcHVrlUTM6gNi7Eo9oVNHJmsGm57O:tLanGhUcnnLYpUTMjNSEo9oVbmS7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65c069fb477068b23a4e0759fabb115f

Files

65c069fb477068b23a4e0759fabb115f
.exe windows:4 windows x86 arch:x86

3737e55029be44d76ada9789d7dfb55f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeEnvironmentStringsW
GetLocaleInfoA
GetSystemInfo
GetVersion
HeapAlloc
HeapCreate
HeapFree
LoadLibraryA
LocalAlloc
QueryPerformanceCounter
SetErrorMode
lstrcmpiA
lstrcpynA

msvcrt

strpbrk
__p__fmode
_stricmp
exit
fprintf
free
time
swscanf
wcslen
isdigit
fwprintf

user32

GetWindowLongA
RegisterWindowMessageA
SetCapture
SetUserObjectSecurity
GetKeyState

oleaut32

SafeArrayAccessData
OleLoadPicturePath
SafeArrayDestroy
SysReAllocString
SysStringLen
VarBstrCat

shlwapi

PathAppendA
PathGetCharTypeA
PathGetDriveNumberA
SHDeleteValueA
SHOpenRegStreamA
StrSpnA
StrToIntA
StrStrA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ