65d0bd92029f9adbb1f46a0326ce63a5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

65d0bd92029f9adbb1f46a0326ce63a5
Size

67KB
MD5

65d0bd92029f9adbb1f46a0326ce63a5
SHA1

c2a287910072bdd9fe2a94ce125b3295e0a74774
SHA256

84036e90e531f6004112501eb056b754d22304288fc2304bf7e59ed29a100f1c
SHA512

b9f0248055f69e01551f76ad6a2c9e148cb8508ed0039471b31c938fc25b7cd1f9e68f29da374b5840180af2be3cd3828fb109bf2efd2b02f7f9191dd67931c5
SSDEEP

1536:4a06mAvvjGdQcAJlXmbqaTlzdnv/g8m+IvJE0:aa8efpaRzdQEIhz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65d0bd92029f9adbb1f46a0326ce63a5

Files

65d0bd92029f9adbb1f46a0326ce63a5
.exe windows:4 windows x86 arch:x86

2da67fd76beb8f74cde551d020d5b5aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ResetEvent
FlushConsoleInputBuffer
IsBadStringPtrA
ChangeTimerQueueTimer
ReadFileScatter
GetCommModemStatus
SleepEx
GetFileAttributesExA
SetComputerNameExA
GetThreadContext
UnlockFile
DeleteTimerQueue
GetCommandLineA
ExitProcess
GetStartupInfoA

Sections

PESEC0
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

PESEC1
Size: - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 45KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ