67ddf7711dfb8119d74338cf473c7fb1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

67ddf7711dfb8119d74338cf473c7fb1
Size

48KB
MD5

67ddf7711dfb8119d74338cf473c7fb1
SHA1

883cbd7b05717049412e8240cc990996fd660a08
SHA256

db6e8d91cf9b07700411b41296262d8246d25bbc025e2068b24c41ef4a54c01f
SHA512

bf0dc29c29a67d0ea2a24105c94a4b9cbe388a40aefdc37650cc67ba4dfca9b19b20a10c7814bf4eb2cea883aab8ad5be8848ea4b83cc7355ff2ddd65aed95dd
SSDEEP

768:/+ll+CEVg4BadgFpCRZxdTtI0E4louflf5kocmkLcmSBArbOx2/fQJ3G59FXZ1mB:/eY/CSpixJtI/6LVSTZgvBobE2SqXZO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67ddf7711dfb8119d74338cf473c7fb1

Files

67ddf7711dfb8119d74338cf473c7fb1
.exe windows:5 windows x86 arch:x86

72f7fadb64952b58feb7587defe6e23f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

FindFirstFileW

shlwapi

PathCombineW
PathFindFileNameW
SHDeleteKeyA
StrCmpNIA
StrCmpNIW
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfW

user32

CharLowerBuffA
CloseDesktop
CloseWindowStation
GetDlgItemTextA
GetKeyboardState
GetKeyState
MsgWaitForMultipleObjects
PeekMessageA
SetProcessWindowStation
ToUnicode

Sections

.cfcjwt
Size: 38KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yzurod
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.veh
Size: 5KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ