Static task: static1
Behavioral task: behavioral1
Sample: 866fcc452055392bc66a9e90984ea222.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 866fcc452055392bc66a9e90984ea222.exe
Resource: win10v2004-20231215-en
General
Target: 866fcc452055392bc66a9e90984ea222
Size: 301KB
MD5: 866fcc452055392bc66a9e90984ea222
SHA1: b31ebaebcd4a5e4ed6512f04d2ee0b261357fe5a
SHA256: 4fac8c9e6d489cddb0fdb9cdd14dd2e2693b4ff9d8df04435cc7ca6cbedee993
SHA512: eb4985df7c785a4d6d63a7363e59fe93472045be834db680a2862567d495c0c9828eb85f0e977455309395a8dcd569f3eb3fe5283a091edac3a334a2ea8a943a
SSDEEP: 6144:akHWhYj/SKkWTxRr5rtX7wP8pSCGpQ41b44psqoEOXUEQZ1sXjQ1:akHMZWTxR1Rc8pSCGpQO/hCUEEUQ1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 866fcc452055392bc66a9e90984ea222
Files
866fcc452055392bc66a9e90984ea222.exe windows:4 windows x86 arch:x86
75bebec5e2238bcda8de37c79bd39016
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetStdHandle
GlobalGetAtomNameW
GetCPInfo
GetDateFormatA
HeapSize
HeapReAlloc
RtlUnwind
VirtualAlloc
TlsSetValue
MultiByteToWideChar
EnumResourceNamesA
SetFilePointer
GetConsoleOutputCP
TlsGetValue
GetLocaleInfoA
GetTimeFormatA
GetModuleHandleA
WriteConsoleA
GetACP
TlsAlloc
IsValidCodePage
GetOEMCP
RaiseException
occache
FindControlClose
shell32
SHCreateStdEnumFmtEtc
ShellExecuteW
SHGetDesktopFolder
SHGetFileInfoW
SHGetSpecialFolderLocation
SHGetPathFromIDListW
SHGetMalloc
SHAppBarMessage
SHBrowseForFolderW
ShellExecuteExW
DragAcceptFiles
Shell_NotifyIconW
Sections
.text Size: 153KB - Virtual size: 265KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ