bed6c43ed708365ede3cd34caf574893 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bed6c43ed708365ede3cd34caf574893
Size

196KB
MD5

bed6c43ed708365ede3cd34caf574893
SHA1

8c2042ea9fa65bb427c06abf614c1a07876ae4d9
SHA256

e544b2267cf2cb855fe90373f3b49e277f8b3908947c37e376f95978f3eea372
SHA512

53e5602646cabee9d2feba1e4b1813527ad3d087b5c122c3495a60f226680b487e182ca2c18c8cbec35d726b7acaeeae1c66555b7654b3f73f705e3b8df9b76c
SSDEEP

3072:ZlvGUNLkG5RA3qErDJAPaWQuyfMBH24PxZxPGT6HbW9f4q28:XtQ6EqSwyYHDPTxbb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bed6c43ed708365ede3cd34caf574893

Files

bed6c43ed708365ede3cd34caf574893
.exe windows:5 windows x86 arch:x86

5b7598d273264c69de8daa899573e5dd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReadConsoleA
HeapAlloc
IsBadCodePtr
GetVolumePathNameA
VirtualAlloc
GetProcessAffinityMask
LZRead
GetDiskFreeSpaceExA
GetFileType
GetFileInformationByHandle
GetFileAttributesExA
HeapSummary
FindFirstVolumeA
GetCommandLineA

user32

MonitorFromRect
TranslateAcceleratorA
ReasonCodeNeedsBugID
EnumChildWindows
CreateDesktopA
GetWinStationInfo
GetProcessWindowStation
FreeDDElParam
CreateCursor
LoadImageA
IsGUIThread
DialogBoxParamA
GetWindow
IsHungAppWindow
GetMessageExtraInfo
GetClassInfoA
MenuWindowProcA
ShowWindowAsync
GetClassNameA
TrackMouseEvent
TranslateAcceleratorA
DestroyWindow
GetScrollRange
ReplyMessage
TranslateMessage
CreateWindowExA
SubtractRect
GetDlgItem
RegisterClipboardFormatA
GetWindowLongA

comdlg32

GetOpenFileNameA

Sections

.text
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 150KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ