68110e37ce4b2ef1f7efc3d1c42cf6a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68110e37ce4b2ef1f7efc3d1c42cf6a2
Size

336KB
MD5

68110e37ce4b2ef1f7efc3d1c42cf6a2
SHA1

50150bf08f341ae948771bc2b80a020bf14d8a1b
SHA256

586c968975fe3caf65a7dedc615040bdc4075c54379d03f9240049cd65caf1f2
SHA512

9253430070932665a0aa66af63ea08ffc2371821f6f6a7b8f0f5e8311103bdbe92d1cfa9a081ebe83d29ffb7036a10e8c45acbff6dd280a5aff776d1fcfcced6
SSDEEP

6144:CBC9k3CkeX29Lzpnb7IH9jimmGVJjfurCm7kjZqa1RqSWhQ+2UPZu+BD:gC9SC7X21Bm9NmGVJLu/ojUkcSKQRUDD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68110e37ce4b2ef1f7efc3d1c42cf6a2

Files

68110e37ce4b2ef1f7efc3d1c42cf6a2
.exe windows:4 windows x86 arch:x86

4f448b5cfb725ebe78f8b366216ee8b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
ReleaseMutex
DeleteCriticalSection
GetModuleHandleA
HeapDestroy
GetLastError
TlsGetValue
AddAtomA
ExitProcess
CreateHardLinkA
ResumeThread
GetPrivateProfileStringW
GetDriveTypeA
lstrcmpiA
CloseHandle
VirtualProtect
GetTickCount
HeapSize
GetTempPathA
GetStartupInfoA
GetThreadLocale

advapi32

CloseEventLog
LsaFreeMemory
IsValidSid
AccessCheck
RegEnumKeyExA
LsaSetSecret
RegEnumValueA
CloseTrace
LsaClose
FreeSid
GetSecurityInfo
RegLoadKeyA
GetFileSecurityA
RegCloseKey
RegCreateKeyExA
OpenEventLogA

urlmon

CoInstall
CoInternetParseUrl
CopyBindInfo
CoInternetGetSession
CoInternetCompareUrl

perfos

CloseOSObject

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ