Static task
static1
Behavioral task
behavioral1
Sample
68200eeada32107e3ecb6c7cb9202a89.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
68200eeada32107e3ecb6c7cb9202a89.exe
Resource
win10v2004-20231222-en
General
Target
68200eeada32107e3ecb6c7cb9202a89
Size
283KB
MD5
68200eeada32107e3ecb6c7cb9202a89
SHA1
ff468c2e2a231bc6d634f2b1af52d6ea7b55168a
SHA256
3f93dcc60e5d6100cc181d25fa55a59f08abad56039923639ecec15db29f1238
SHA512
81ea62c2ebae542ba64ad9ea105c3c100472c30da905b104896525faed5663319b6f7eb896125685e79bca725f00584558111811f01bcc98fe56e69cca4410ed
SSDEEP
6144:qfZjyK+ySo8Q3wyw+1ErlrOmbZLMzVtuNdNazas73mlH4:qfZh+ySo8CxE7ZwBMtaGMWlY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 68200eeada32107e3ecb6c7cb9202a89
Files
68200eeada32107e3ecb6c7cb9202a89.exe windows:5 windows x86 arch:x86
c9aa23a71eeacdfff06136f5e5f72d58
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
user32
GetActiveWindow
OemToCharBuffW
GetOpenClipboardWindow
EndDialog
ValidateRect
DialogBoxParamA
SetWindowPos
VkKeyScanA
ole32
CoLoadLibrary
CreateDataAdviseHolder
kernel32
GetNativeSystemInfo
HeapDestroy
HeapFree
AreFileApisANSI
HeapCreate
InitAtomTable
GetCPInfoExA
LocalAlloc
GetCurrentActCtx
GetProcessWorkingSetSize
LocalFree
GetProcAddress
GetModuleHandleW
EnumResourceNamesA
Sections
.text Size: 262KB - Virtual size: 262KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.CRT Size: 512B - Virtual size: 4B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ