689e569992da88894234ecdc7dd8af96 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

689e569992da88894234ecdc7dd8af96
Size

101KB
MD5

689e569992da88894234ecdc7dd8af96
SHA1

a14ea7f988cd529c34b6b7eefd609de3d043d652
SHA256

f659e3e31fdc8f0a0686b9b8569cedde867d11948db5792fff735150036dc1ae
SHA512

c137a23d5e62f465cf3ce6bdc81f616904d0adc876706231aef8d0a7307c5116ee77df1b10adcf93b31dd7c5b4f1dbf55c13a2e4273bccfa5c1739c6eba525b4
SSDEEP

1536:Vyxx+Z7Oypa1uQCQvxEDEORmb9ULhRximh5LQngMMCX4mP:+xL2a1OJEORi9anf93MMCoK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
689e569992da88894234ecdc7dd8af96

Files

689e569992da88894234ecdc7dd8af96
.exe windows:4 windows x86 arch:x86

c4ce9ad28723d2e502eb222330d3b284

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsContentTypeA
SHQueryValueExA
PathGetCharTypeA

kernel32

ExitProcess
FindResourceA
GetACP
GetVersion
GetCommandLineW
GetModuleFileNameA
GetLastError
GetProcessHeap
VirtualFree
GetFullPathNameA
GetFileSize
GetCommandLineA
IsBadReadPtr
GetCurrentThreadId
GetTickCount
GetStringTypeW
LoadLibraryA
lstrcmpA
VirtualAllocEx
GetStringTypeA
GetSystemDefaultLangID
GetFileAttributesA
GetStartupInfoA
MulDiv

shell32

SHFileOperationA

user32

GetMenu
MapWindowPoints
MapVirtualKeyA
OemToCharA
OffsetRect
IsCharLowerA
GetCursor
CharUpperA

Exports

Exports

_Ngz2BXOD9T
v2uCtw8@8
yjJlU

Sections

.text
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mdata
Size: 512B - Virtual size: 116B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ