b6cfd32787c856885c72d9e02a1fe0b1 | Triage

Sharing

General

Target

b6cfd32787c856885c72d9e02a1fe0b1
Size

49KB
MD5

b6cfd32787c856885c72d9e02a1fe0b1
SHA1

b2386b0922f4655712927a9968a5104ceb3a19c5
SHA256

68709e684903a4b031d00e198788b3452b2a2680ad3680d693ee27d585a6811d
SHA512

2fc4f7f61f96d8548a8eb3bd6f86b65b087737574d3bfa620fd5dbf77c156e1e01ef05f2a6f388181b5e93bf19f19801a3fb22a2b69e20da4e25a5560f89344c
SSDEEP

768:ww/ZkDV3TvOgepgQ8t0YSh1pDjPUC8T8yg52vrMDWDbGPVLjI1MCPR3PjJFXS6mP:wyswpR8lSh1pDDU6FkMDWOyjzc6mDjv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6cfd32787c856885c72d9e02a1fe0b1

Files

b6cfd32787c856885c72d9e02a1fe0b1
.exe windows:4 windows x86 arch:x86

83d97c2dd2a8e6ebbedcefed6f0432b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetPrivateProfileStructA
GetStringTypeExW
Heap32Next
LocalFileTimeToFileTime
MapViewOfFileEx
SetCalendarInfoA
WriteConsoleInputW

advapi32

ConvertAccessToSecurityDescriptorW
CryptDecrypt
CryptGetProvParam
CryptSetProvParam
GetSidSubAuthority
SetSecurityInfo

user32

ActivateKeyboardLayout
BroadcastSystemMessageW
CharPrevExA
ChildWindowFromPoint
CloseWindow
CreateCaret
CreateWindowExA
DdeSetQualityOfService
GetScrollPos
IsZoomed
MapVirtualKeyExA
RegisterHotKey
UnloadKeyboardLayout

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE