66e0561f04735f2889efd2919830d051 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66e0561f04735f2889efd2919830d051
Size

15KB
MD5

66e0561f04735f2889efd2919830d051
SHA1

8b833fd2f5ef02faee4c78e8aceb6bd3f7b7d282
SHA256

4d523cdc38c70039287a498772d1ee28f25ff15176388a91927fe982ff505b90
SHA512

a290e884fd2b3ca3a66f6c609a0c9ed2f4eca2c0e816a8091ac337a90da049f3fc978d55cbf456aa86af2dcea726069e211d8aede4aa82005ed207462f367326
SSDEEP

384:bEeFYdm/pdoaFSyPZYDZF1DTOX0NLunMpP3pwV53eH8IuPtztjrzbT:ImY8BHt0ZFhTO/GxwfBjlpjfX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66e0561f04735f2889efd2919830d051

Files

66e0561f04735f2889efd2919830d051
.exe windows:1 windows x86 arch:x86

a61990dd16b3011bdcf965035342aaee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Duplicate
ImageList_Merge
MakeDragList
MenuHelp

kernel32

EraseTape

shell32

RealShellExecuteA
SHGetFileInfoA
DragQueryFileA
ExtractIconW

ntdll

CsrNewThread
DbgUiRemoteBreakin
LdrAccessResource
LdrEnumResources
LdrGetDllHandleEx

Sections

.text
Size: 9KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 4B - Virtual size: 6KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE