66901283c5f9a88a67c679aae0424561 | Triage

Sharing

General

Target

66901283c5f9a88a67c679aae0424561
Size

176KB
MD5

66901283c5f9a88a67c679aae0424561
SHA1

ab8fe7aa363e5e1ec977b3869770935bb7c30f28
SHA256

bea809c754806cfcc976a8486b48def350ba5a697f1b843e324c3be0f22a6430
SHA512

cffb7016d0ce446efb8c48b99225951f4956bcb662b25aeed7ede59ce175a844b958fbc70a1104e058f9b59f38c5e40bcea096b3ca0977424f502ec83ddf361b
SSDEEP

3072:f+pN0MPHojolcI/AzUjD57MMXRn3ES4niWlCxstMWestZ2GC2VYUffxTDs5B:m5HokKzUjFMMh3ESpcCj1zs3ffYB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66901283c5f9a88a67c679aae0424561

Files

66901283c5f9a88a67c679aae0424561
.exe windows:4 windows x86 arch:x86

c9cc66566453ec743c69bb996155792e

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryExA
EnumSystemCodePagesA
SetConsoleCursorInfo
SetFileApisToANSI
FindResourceExW
SetLocaleInfoW
CallNamedPipeW
GetAtomNameW
SetThreadContext
BuildCommDCBW
LCMapStringW
SystemTimeToFileTime
GetProfileSectionA

user32

SetWindowRgn
MessageBoxIndirectA
GetParent
ChangeDisplaySettingsW
CharNextW
UnregisterHotKey
PrivateExtractIconsW
wsprintfA
SetUserObjectInformationA
InternalGetWindowText
TranslateMDISysAccel
WinHelpA

gdi32

GetDCOrgEx
SelectObject
ExtTextOutA
GetWindowOrgEx
PolyBezier

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 946B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE