Static task: static1
Behavioral task: behavioral1
Sample: d62a1584a000c55bf9fcfbdd52daee1b.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d62a1584a000c55bf9fcfbdd52daee1b.exe
Resource: win10v2004-20240226-en
General
Target: d62a1584a000c55bf9fcfbdd52daee1b
Size: 60KB
MD5: d62a1584a000c55bf9fcfbdd52daee1b
SHA1: a622bcfede7ad04a1c0b61eaee4308159711b015
SHA256: 027c3e8ecfa95763971e4935a94e67069b37612514720b35231abbf07cb0e021
SHA512: 0d044c01e2aefacf20b7c6e1d5547c3525f30209f97a6cdd0232bd74888466df546c0587eca85dfe74beed9e6cdfafc307d47159782f27b01c1770cf26775c0c
SSDEEP: 768:+31x1RHebU7uLSM2OmFvBfJ3px2oQRZM978LMaOxA0+KwumKBt/uqfcBaLt3OLtB:ABursvBRpGZM91a6A3K3FLt3O
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d62a1584a000c55bf9fcfbdd52daee1b
Files
d62a1584a000c55bf9fcfbdd52daee1b.exe windows:4 windows x86 arch:x86
f6d5554471222a340a8e96fb3e008feb
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
BeginUpdateResourceA
CopyFileExA
CreateMutexA
CreateProcessW
ExitProcess
GetCurrentDirectoryW
GetPrivateProfileIntW
GetPrivateProfileSectionW
IsValidCodePage
LocalAlloc
MulDiv
SetConsoleTitleA
SetThreadPriority
lstrlenA
advapi32
BackupEventLogA
ImpersonateSelf
InitializeSid
LogonUserW
LookupPrivilegeDisplayNameW
ObjectOpenAuditAlarmW
OpenBackupEventLogA
RegSetValueExA
SetEntriesInAuditListA
user32
CharPrevA
CloseClipboard
CreateWindowStationA
DrawMenuBar
EditWndProc
GetComboBoxInfo
GetDlgItemTextA
GetKeyboardLayoutList
MapWindowPoints
OemToCharBuffA
ReplyMessage
SendDlgItemMessageA
WINNLSGetEnableStatus
WINNLSGetIMEHotkey
Sections
.text Size: 4KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE