67ac85812d6293ca0fae2d8eb8c7a135 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67ac85812d6293ca0fae2d8eb8c7a135
Size

177KB
MD5

67ac85812d6293ca0fae2d8eb8c7a135
SHA1

450dbcf8caa60a6df1f4d6c984c5fe48526617cb
SHA256

db9d9e9bdcafdddc20b8ec27c7028e6cd401b2cec6599a2815f796ff882935e0
SHA512

5cdbaefcf9d1ba25a8bd0f3cd93e854d1c69aee8aeb1e463d7fbf79751d4649dfa4bdc293e0a12abb03a4582d523dd7d3da8f9f38dcb6d157363333a782095c6
SSDEEP

3072:Ab5fM0pEjEA1+APIZvdFYkJC7yxgTDm2fPz42uu4+Z2hxh:kAjEW+A8d5AySTPfPzTN2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67ac85812d6293ca0fae2d8eb8c7a135

Files

67ac85812d6293ca0fae2d8eb8c7a135
.exe windows:4 windows x86 arch:x86

4350e61a7c05bac0ed116a17bbb779cc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerDisconnect
MprConfigServerConnect
MprConfigGetFriendlyName

ole32

CoGetMalloc
ProgIDFromCLSID
CoTaskMemFree
StringFromCLSID

kernel32

SetLastError
MoveFileExW
MapViewOfFile
TlsAlloc
GetCalendarInfoA
TlsGetValue
CreateDirectoryW
UnmapViewOfFile
WriteConsoleW
GetModuleHandleA
GetExitCodeProcess
CreateFileA
FlushFileBuffers
GetModuleHandleW
LoadLibraryExW
HeapFree
InterlockedIncrement
TlsFree
EnumResourceNamesA
GetConsoleCP
SetEvent
HeapAlloc
CreateFileW
CreateProcessW
GetProcessHeap
GetVersionExA
GetProcAddress
TlsSetValue
GetVersionExW
FindFirstFileW
GetTempPathW
ExitProcess
GetEnvironmentVariableW
GetConsoleMode
WaitForSingleObject
CreateFileMappingA
CreateThread
GetLastError

Sections

.text
Size: 95KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 78KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 260KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ