Static task
static1
Behavioral task
behavioral1
Sample
af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae.exe
Resource
win10v2004-20231215-en
General
-
Target
af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae
-
Size
5.9MB
-
MD5
4efa31fc8d05c52b962b106f9017da97
-
SHA1
3d2d3dd77f3ac3cac17682fb74d97725de00fe8d
-
SHA256
af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae
-
SHA512
748d53cad4c8f5578ceca10b0868c50d15a810899f22f60e092055321c1bb46b42f728f2f492af9b859524ddce1b2d07835f4d024579500dd19e7c830168ee03
-
SSDEEP
98304:2WoqHUMYz44fpUYxaKh6pgLgnbGK05Q2zPt6oNNmnvqdjSAPiOsjokC1:ZoqHU9RSY9XcbGK09sYGqdjS2h0Q
Malware Config
Signatures
-
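Unsigned PE (1 IoC)
Checks for a missing Authenticode signature; the sample matched because its PE file is unsigned. A missing signature is a weak indicator on its own, since many legitimate binaries are also unsigned, so weigh it together with the other static findings.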
resource af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae
Files
-
af68a6f521bffabf1c866b8a820a4161b1f3c785a278a07d35fc0432de2358ae.exe windows:5 windows x86 arch:x86
a067095152b2ab7f251f621a37d8c9d4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
ord582
kernel32
GetSystemTimeAsFileTime
LocalAlloc
LocalFree
GetModuleFileNameW
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress
user32
CharUpperBuffW
Sections
.text Size: - Virtual size: 134KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.Zdz Size: - Virtual size: 3.3MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.Y00 Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.:~V Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 56KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ