675514691260d9e3b643cda13660b2ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

675514691260d9e3b643cda13660b2ff
Size

219KB
MD5

675514691260d9e3b643cda13660b2ff
SHA1

22d6ad00326bfd36bca7692b8455b11b653a3455
SHA256

6ed32cd965a7a2f82b3b862e5988f06c0a70f1b8532dcd42602f4d829a55cd99
SHA512

abed49dd1ae6fb74e315462b5aad7a9594b892459916d9bbcb8d176e5c74af427423a6f81fd2290384b72092c6c23a242645748e2736803c8b67980c4f7e16a3
SSDEEP

6144:X5qozQt02709rwUPtliMpLrQcwmbJ4Ql:X5qo8t027Z0riYHHw8JTl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
675514691260d9e3b643cda13660b2ff

Files

675514691260d9e3b643cda13660b2ff
.exe windows:4 windows x86 arch:x86

0aa7f1da0835d7bacea118b1135f6d17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumeInformationA
QueryPerformanceCounter
GetSystemTime
GetLocalTime
CreateFileW
MoveFileExA
GetDateFormatA
FreeResource
SizeofResource
LockResource
SetEvent
WaitForSingleObject
GetCurrentProcess
GetTempPathW
FreeLibrary
LoadLibraryW
ExitProcess
GetCurrentProcessId
GetFileTime
GetModuleFileNameW
WideCharToMultiByte
CloseHandle
SetEndOfFile
WriteFile
GetFileSize
CreateFileA
GetFileAttributesW
SetFileAttributesA
GetModuleHandleA
GetCommandLineA
GetCurrentThreadId
GetProfileStringW
GetStartupInfoA

msvcr71

fwrite
fputs
strchr
strncmp
fclose
fread
fseek
fopen
_c_exit
_exit
_XcptFilter
_ismbblead
_cexit
exit
_acmdln
_amsg_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
__dllonexit
_onexit
_controlfp
atoi

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 688B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ