c6c7b7de9a12924e778f1dec11413be2 | Triage

Sharing

General

Target

c6c7b7de9a12924e778f1dec11413be2
Size

18KB
MD5

c6c7b7de9a12924e778f1dec11413be2
SHA1

270b69e5b42ca50c351f7c9a1472eb28fc58c49a
SHA256

8425df01961f604cd089b56b89132f05c996b5d1a96bbd0721b77d0290a36bb9
SHA512

3bf50c5dfde03e59c156fd654ffbadcd5ff66667a9f76c1ab9f4ab37e00a803ee99c1b2a4acfbfb143bd272655401a4adf2387950dee617cfc25b52f787ac440
SSDEEP

192:bXN1fqdOWYNA0KnG+m/thy70tEMkEkAv3o9Za6xbc/vP2:bOdOWYixFASwtbkjAvMa69c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c6c7b7de9a12924e778f1dec11413be2

Files

c6c7b7de9a12924e778f1dec11413be2
.exe windows:4 windows x86 arch:x86

28986e3ef79be1a7e83f3c967494eaa8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
GetACP
GetCurrentThreadId
TlsGetValue
GetModuleFileNameA
FreeLibrary
GetCommandLineA
GetOEMCP
TlsSetValue
GetModuleHandleW
GetCurrentProcessId
IsDBCSLeadByte
GetLogicalDrives
VirtualAlloc
GetUserDefaultLCID
lstrcpyA
TlsFree
GetDriveTypeW
CreateProcessInternalA
GetSystemDefaultLCID
GetCurrentThread

user32

GetForegroundWindow
ReleaseDC
GetDC
ShowWindow
BeginPaint
GetSystemMetrics
GetWindowTextLengthA
IsIconic
GetWindowTextA
IsWindowVisible
GetWindowLongA
UpdateWindow
GetWindowDC
GetClassInfoExA
GetActiveWindow
CloseWindow
GetWindow
GetFocus
RegisterClassA

imagehlp

ImageLoad
CheckSumMappedFile
BindImage
FindDebugInfoFile
ImageNtHeader
FindFileInPath

oleacc

GetStateTextA
DllRegisterServer
LresultFromObject
GetRoleTextA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ