Static task: static1
Behavioral task: behavioral1
Sample: 75fd57e899e65f417cc3f1bda5137afe.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 75fd57e899e65f417cc3f1bda5137afe.exe
Resource: win10v2004-20231215-en
General
Target: 75fd57e899e65f417cc3f1bda5137afe
Size: 11KB
MD5: 75fd57e899e65f417cc3f1bda5137afe
SHA1: 6f4c0d91da226f3ce594ab4776968d996eb0b236
SHA256: b29589c1b4069d4c451e061f682f34fa2d577e88f94331e8fdaf9d31d727b5cb
SHA512: 1e1203b6a11030cbbd26b020c2b8c3681a2b15b498d317bce1b93fdfdf318561b34d7f99491e1b4ba7c5dd5f0dcc4ddaa4a84076b33927e86f5a3df363a1108d
SSDEEP: 192:pJKWTsmBU8HxbqacS9vDhPbk0eba0gnWmHT9XAY6:fKuLVAo9PbkOht6
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 75fd57e899e65f417cc3f1bda5137afe
Files
75fd57e899e65f417cc3f1bda5137afe.exe windows:1 windows x86 arch:x86
9ca2c7229b7d3b9d5e0de18cb57f3f1a
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
urlmon
CopyBindInfo
GetComponentIDFromCLSSPEC
IsJITInProgress
IsLoggingEnabledA
IsLoggingEnabledA
wsock32
WEP
WSAAsyncGetProtoByNumber
WSAAsyncSelect
WSAAsyncSelect
advapi32
AbortSystemShutdownA
AddAccessDeniedAce
BackupEventLogA
BuildExplicitAccessWithNameA
BackupEventLogA
BuildExplicitAccessWithNameA
comctl32
LBItemFromPt
MakeDragList
MenuHelp
PropertySheet
ImageList_LoadImage
RemoveWindowSubclass
ShowHideMenuCtl
Sections
.text Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 6KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 1024B - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE