6610a00d22396f2519e208601a2e2560 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6610a00d22396f2519e208601a2e2560
Size

91KB
MD5

6610a00d22396f2519e208601a2e2560
SHA1

ddd4e2275f1f789c17143e72c40cdf6b2fbce17e
SHA256

6c6b57e56a8699b03f70c90ef0508106aa34f81af465d213f3c308b12f7656ce
SHA512

c21a5873cb882c57f4e6cadd2023151318c12f2b2f74aef6a2acf0ade23144c0787f61847fa203a95ef6c415ebad3c0bae0811c7275f09c9618487ac2a2eb0ce
SSDEEP

1536:SWAVlD7uFeW+5l7RmGZFvjdEzB24C91W2F7FCwtOyNvAgvk:suMW67wGZAE4O1TFprthvAgvk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6610a00d22396f2519e208601a2e2560

Files

6610a00d22396f2519e208601a2e2560
.dll windows:4 windows x86 arch:x86

d65f2bb3db52b9e94f74e26befd1872b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ShowCursor
SetMenuInfo
SetFocus
OffsetRect
IsCharLowerA
EndPaint
EnableWindow
EnableMenuItem
DestroyCursor

kernel32

GetModuleFileNameW
GetSystemTimeAsFileTime
GetExitCodeProcess
GetCurrentThread
ExitProcess
InterlockedDecrement
LCMapStringW
IsValidLocale
HeapCreate

advapi32

RegSetValueExA
RegEnumValueA

comdlg32

GetOpenFileNameW
GetFileTitleW

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 826B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ