d640cc4d03e61138c061a1ec9d92cf8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d640cc4d03e61138c061a1ec9d92cf8b
Size

180KB
MD5

d640cc4d03e61138c061a1ec9d92cf8b
SHA1

1ec87aa9e845973f97a9f732990647f3512ede58
SHA256

2e0ee75b60e96190deffce16a949ab02968646383e404cf1f924a704663591e3
SHA512

6a0362241a0de0061367d70de8ebcb5b191973c0750b7d961755947e0c2d304d434a2fa4bb5e1e57309d9536a687fab8ae8e0fcaec45817cb6ea2f3d474f4928
SSDEEP

3072:vnvzLOIKw5PU/5siiSO3MLN+fFLOeNv0ynoGnjAHvD/zIt0zMfmTn4O0:X+B/JibMLMFLdvnnF+D/Et0ztT4d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d640cc4d03e61138c061a1ec9d92cf8b

Files

d640cc4d03e61138c061a1ec9d92cf8b
.exe windows:4 windows x86 arch:x86

2489bbbadd2df8a9bba681c649dc7ad2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

rpcrt4

I_RpcFreeBuffer
UuidCreate

kernel32

VirtualAlloc
HeapReAlloc
FlushInstructionCache
GetProcAddress
SetUnhandledExceptionFilter
GetCommandLineA
IsBadWritePtr
HeapDestroy
GetSystemInfo
ExitProcess
HeapCreate
SetLocaleInfoW
RtlUnwind
TerminateProcess
VirtualFree
TlsAlloc
ExitProcess
VirtualQuery
SetLastError
VirtualProtect

shlwapi

PathFindExtensionA

user32

GetDC
SendMessageA
GetDlgItemTextA
GetDlgItem
CreateDialogParamA
IsWindow
EnableWindow
GetDialogBaseUnits
WinHelpA
DestroyWindow
IsDialogMessageA
SetDlgItemTextA
ReleaseDC
IsDlgButtonChecked
MoveWindow
SetWindowLongA
UnregisterClassA
ShowWindow
CheckDlgButton
CharNextA

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
StringFromGUID2
CoTaskMemRealloc

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ