73626e59da1d39899ec8e37616c8c429 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

73626e59da1d39899ec8e37616c8c429
Size

202KB
MD5

73626e59da1d39899ec8e37616c8c429
SHA1

0cc9a8f096c074027bfae1be4b69193f53c5d7de
SHA256

ab0239c45861d2ec595d96edfb9fe8343c4260e0cf07264e301253c09f5cd505
SHA512

8ed0821f8ebcf10901a751dbe4505fa944bd87bb08799d683caea52242f765f3eeede80c64b66264c00b7cf3dba18cda76a57180e9661942a317ca9ebf9665d7
SSDEEP

6144:LT0ynG57S7t9p9RItXICxXal8UnhNvBO2tk:LT5oSZ9+xICW8OlBOsk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73626e59da1d39899ec8e37616c8c429

Files

73626e59da1d39899ec8e37616c8c429
.exe windows:4 windows x86 arch:x86

bcd97adc021b3fdc418ff7c1642bfb91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
GetTickCount
SuspendThread
GetVersion
GetSystemDefaultLangID
GetCommandLineA
LocalSize
LoadLibraryExA
CompareFileTime
GetConsoleDisplayMode
HeapCreate
WaitForSingleObject
VirtualProtect
HeapReAlloc
CloseHandle
lstrlenA
InterlockedExchange
GetModuleHandleA
GlobalUnlock
WaitForMultipleObjects
GetConsoleCP

gdi32

CreatePalette
BeginPath
EngLineTo
FloodFill
GetMetaFileA
EqualRgn
GetMetaRgn
DeleteDC
CreateICA
GetStringBitmapA
GetRgnBox
GetTextColor
AbortPath
Ellipse
CreateFontA
Escape
DeleteObject
EndPath
GetFontData

rastapi

PortClose
DeviceConnect
DeviceListen
DeviceDone
AddPorts

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 800KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ