c6709c606b6f327958e269210e9c088d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c6709c606b6f327958e269210e9c088d
Size

55KB
MD5

c6709c606b6f327958e269210e9c088d
SHA1

326b38fec8eba405deee596a2372148fb8e5737d
SHA256

e005b8e72bc4f8b01b29b7dfbaad069a8f9f2864da221817d4d839d383eb308f
SHA512

7af9f904e23b8aecc960fd826854b4f3fcb8c138209cfe9a827c00ac13fb7ab217c91096e84a544136172b2d3b378d15bcad3733f64525e69038e1301fbe78c0
SSDEEP

1536:5Rc3zTp4rgS4+4aS99aCfUCnopmnT4tgnGSzGqj:5RcDTp4MSoaAcCcqTAgnxGq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6709c606b6f327958e269210e9c088d

Files

c6709c606b6f327958e269210e9c088d
.exe windows:4 windows x86 arch:x86

1302690f5b8b457269e164b2722a559e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
EnumDateFormatsW
ExitProcess
FindFirstFileW
FlushFileBuffers
GetACP
GetCommandLineA
GetProcessHeaps
GetWriteWatch

advapi32

DeleteService
EnumServicesStatusA
GetOldestEventLogRecord
LogonUserA
RegOpenKeyExW
RegSetValueA
RegSetValueExA
SetEntriesInAclA
SetFileSecurityA
SetSecurityDescriptorOwner

user32

ChangeClipboardChain
ChangeDisplaySettingsW
CopyAcceleratorTableW
DrawStateA
DrawStateW
GetMonitorInfoA
IMPSetIMEW
IsRectEmpty
ModifyMenuA
MsgWaitForMultipleObjectsEx
OemKeyScan
OpenDesktopW
RegisterClassExW
UpdateWindow

shell32

ExtractAssociatedIconExW
ExtractAssociatedIconW
ExtractIconExA
FindExeDlgProc
RealShellExecuteA
SHFileOperation
SHGetDataFromIDListW
SHGetFileInfo
SHGetMalloc
SHGetNewLinkInfo
SHLoadInProc
SheSetCurDrive
ShellHookProc

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE