681fd75590640caa21d2550864d84100 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

681fd75590640caa21d2550864d84100
Size

1.1MB
MD5

681fd75590640caa21d2550864d84100
SHA1

a40a2ea7bef013830ce2584ad0330ebbdbddb29d
SHA256

d47a627245ff3f311ec566b03903b1daf1d16ab1ec6655c7ed715b38ea3cc41a
SHA512

6471a95a7c1818ee9250c3aa7cce135cd187070c776ec130d757372f47430dd6443845b3800e41b242536aac8e6d919fa91842cc2279b26de1ae987f1a0c078c
SSDEEP

24576:nc+8MBqIvB4yUFUWAkB/6E5CKiZkR3t6JC7Y4Al14W461PHks9bjs:jqHvUW4E5VoVdEYHs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
681fd75590640caa21d2550864d84100

Files

681fd75590640caa21d2550864d84100
.exe windows:4 windows x86 arch:x86

f91fd999b524f646a1bd5a78bb931a06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
TryEnterCriticalSection
GetFirmwareEnvironmentVariableA
OpenThread
ReadFile
GetLastError
OpenWaitableTimerA
LeaveCriticalSection
ExpandEnvironmentStringsA
GetSystemDefaultLangID
ReleaseMutex
EnterCriticalSection
FreeEnvironmentStringsA
CreateFileA
GetCurrentThread
InitializeCriticalSection
SetFilePointer
lstrlenA
GetEnvironmentStringsA
GetVersion
WriteFileGather
SetThreadExecutionState
GetThreadPriority
GetModuleHandleA
GetFileTime

Sections

.text
Size: 813KB - Virtual size: 816KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 316KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 756KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ