666497b23b59e61a57cdbc5cd47b469a | Triage

Sharing

General

Target

666497b23b59e61a57cdbc5cd47b469a
Size

140KB
MD5

666497b23b59e61a57cdbc5cd47b469a
SHA1

b28bf15de429eddc8d7a9596d87e0e6dbb269e24
SHA256

8f7b0e19f6f2ca9c5abc0914d63883c62d34ed596772f88ada3ed5942bdec87e
SHA512

0cf39cb4ab64857a34dbdcf78bea0b4ab40379396139ee0307184760bd748a6b998b873292e8cd88b91e424231c48c826e36d6e2223405d445d90060c2e102e9
SSDEEP

3072:KNSMMfRY0NBQwcWA07nBy+nghqgBgg/Y2AiVQSzid8:KNSrS0NBQwXd75gBg72JQSzM8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
666497b23b59e61a57cdbc5cd47b469a

Files

666497b23b59e61a57cdbc5cd47b469a
.exe windows:4 windows x86 arch:x86

6133a0c0198478e1e4c18060517ea867

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
CreateFileA
ExitProcess
GetFileAttributesA
HeapAlloc
GetProcessHeap
HeapReAlloc
HeapFree
CloseHandle
lstrlenA
GetSystemTimeAsFileTime
RtlUnwind
InterlockedExchange
VirtualQuery
GetSystemDirectoryA
SetCurrentDirectoryA
WritePrivateProfileStringA
GetFullPathNameA

user32

wvsprintfA

advapi32

CloseServiceHandle
StartServiceA
CreateServiceA
OpenSCManagerA

shell32

DragAcceptFiles

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 998B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 135KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE