688c95d0b1bfac3fb53b84195164341f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

688c95d0b1bfac3fb53b84195164341f
Size

32KB
MD5

688c95d0b1bfac3fb53b84195164341f
SHA1

abd3bf87ba9fff4134c5c72cd6d5da4b41cb8809
SHA256

b32d87d8b1ceb4f7580c6b879a379466b79bf5bdc591416eeb17a015bae967c3
SHA512

13db2036da9b65573256712c14d6de605f9a87606d24d1def6ce17480e428cb0a5be0a76197e6ae53f2b4bb764981fdce23c44d906933ce18789f1df5f734dd0
SSDEEP

768:lfDBjTPfbKGFHiUCaYNdGjAIjNgm6WLCdhr:pwMmN0MKVCdhr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
688c95d0b1bfac3fb53b84195164341f

Files

688c95d0b1bfac3fb53b84195164341f
.exe windows:4 windows

ea1d6384f71ca191ce4d0c59b1294a4b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

kernel32

GetTempPathA
lstrlenA
CloseHandle
CopyFileA
CreateEventA
CreateFileA
CreateFileMappingA
CreateProcessA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetDriveTypeA
GetFileSize
GetLastError
GetModuleFileNameA
GetSystemDirectoryA
GetTempFileNameA
lstrcpynA
GlobalAlloc
GlobalFree
LoadLibraryA
MapViewOfFile
RtlMoveMemory
SetEndOfFile
SetFilePointer
UnmapViewOfFile
VirtualAlloc
WaitForSingleObject
WriteFile
lstrcatA
lstrcmpiA
lstrcpyA

shlwapi

PathFindExtensionA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ