676f9c2db369bd929ae1d33246217d9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

676f9c2db369bd929ae1d33246217d9f
Size

63KB
MD5

676f9c2db369bd929ae1d33246217d9f
SHA1

3b5bc10c3db8350cb35d483b16d450548b49c202
SHA256

45d9075d380025a73e0c11158332f85cd40cbb9e64bcad46b5884e314e51e4a5
SHA512

4fa96345f67cf8facbc50c4013ec73c40a592f4c02ebcae7aab58893ac1245246a05091489f049d9e8f6f358fab6b274e948c31b65e879e18d0deddfeee1cf23
SSDEEP

1536:2DU0vMMzApDNGZj5xl0A1fpppppppppppppbDHs2jXwf:OXvM3pcFD6MfpppppppppppppbLs2jXU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
676f9c2db369bd929ae1d33246217d9f

Files

676f9c2db369bd929ae1d33246217d9f
.exe windows:4 windows x86 arch:x86

fc9549db5f729ae4cee6e8749d80e581

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateThread
GetConsoleMode
SetEnvironmentVariableA
ReleaseMutex
HeapCreate
CloseHandle
lstrlenW
CreateFileA
SetLastError
LoadLibraryExW
LocalFree
PulseEvent
FindResourceA
GetCurrentThreadId
TlsGetValue
Sleep
GetModuleHandleA
GetStdHandle
CreateMutexA
GlobalUnlock

user32

CallWindowProcA
GetClipCursor
CopyRect
DrawEdge
IsWindow
DrawMenuBar
SetFocus
GetDC
GetIconInfo
CheckRadioButton
GetDlgItem
DispatchMessageA
FillRect

apphelp

SdbGetDatabaseID
SdbFindFirstTag
SdbFindNextTag
ApphelpCheckIME
SdbCloseDatabase

clbcatq

ComPlusMigrate

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lczweoh
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE