Static task: static1
Behavioral task: behavioral1
Sample: 6666b94269ffeebce20e986c5e9e33f0.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 6666b94269ffeebce20e986c5e9e33f0.exe
Resource: win10v2004-20231215-en
General
Target: 6666b94269ffeebce20e986c5e9e33f0
Size: 59KB
MD5: 6666b94269ffeebce20e986c5e9e33f0
SHA1: f5a561b5b44ab5435176cd263665d5cb00f423f7
SHA256: c7973bb3f903a9fab338224261dd3a9e487482f66cbf52d702f4a65019f2c8ae
SHA512: 1dde9f80a9821a0d74eb33f6fe58c2a364f69ec2e74c590674427c8c1b1a0a84ae1199a490604148134db8c93b4829bd2a9994ae8b82a71e11bea94ed3b8fa31
SSDEEP: 1536:ncp16jVImE5/TYr4IVeZQp5rGleAdI94btfnT+v:C16jVVsIVeKp5rGleAqItvS
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6666b94269ffeebce20e986c5e9e33f0
Files
6666b94269ffeebce20e986c5e9e33f0.exe windows:4 windows x86 arch:x86
d6c8400b44dc0f67f11d4ae5ae9308bd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetHandleCount
GetVersion
MultiByteToWideChar
CreateFileA
GetOEMCP
LCMapStringW
TerminateProcess
GetCPInfo
GetStartupInfoA
SetFilePointer
lstrcpynW
GetCurrentProcess
lstrcatA
GetStringTypeA
GetStdHandle
GetModuleFileNameA
GetACP
LCMapStringA
GetStringTypeW
GetFileType
WriteFile
lstrcpyA
lstrcpynA
GetCommandLineA
user32
LoadMenuA
GetCursor
CopyIcon
GetWindowTextA
DrawTextW
DialogBoxParamW
CreateIcon
advapi32
RegOpenKeyExW
RegCreateKeyA
RegEnumKeyA
RegOpenKeyW
RegEnumKeyExW
RegDeleteValueA
RegEnumValueA
RegCreateKeyW
RegQueryValueExW
RegEnumValueW
Sections
.text Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 50KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ