Static task
static1
Behavioral task
behavioral1
Sample
d681faf167689278d374a795dcca73ed.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d681faf167689278d374a795dcca73ed.exe
Resource
win10v2004-20240226-en
General
Target
d681faf167689278d374a795dcca73ed
Size
111KB
MD5
d681faf167689278d374a795dcca73ed
SHA1
7fce895570bd79020fc24f39fc34a66f93466172
SHA256
33e69a312426be54d0da92035b2147c9416db8270a3c149dae62accee1cf2396
SHA512
87538a546cba8f7bd6e1285d89616ecccd4668bae11df268c867f303e95c5394c1695dc6c685b1ffeaa4dd082ac3dece94677a1cbb954f4af91ded4cffbad522
SSDEEP
3072:bdwtoHijwF6rvD7chlte4qTpmMZq6CD4:Zw2i8UL3chreHpY
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d681faf167689278d374a795dcca73ed
Files
d681faf167689278d374a795dcca73ed.exe windows:5 windows x86 arch:x86
9c6c20a0a626642c1afcb043a9657a11
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetPixel
GetObjectA
SaveDC
GetDeviceCaps
CreatePalette
SelectPalette
RestoreDC
SetMapMode
GetClipBox
DeleteDC
SetTextColor
CreateFontIndirectA
RectVisible
DeleteObject
GetStockObject
GetTextMetricsA
SetStretchBltMode
CreateCompatibleDC
CreateSolidBrush
kernel32
RemoveDirectoryA
lstrlenA
DeleteFileA
GetModuleHandleA
GetWindowsDirectoryA
GlobalFindAtomA
GetSystemTime
GetCommandLineA
lstrcmpiA
lstrlenW
VirtualAlloc
CopyFileA
QueryPerformanceCounter
VirtualFree
RemoveDirectoryW
lstrcmpA
FindClose
lstrcmpiW
user32
TranslateMessage
GetDesktopWindow
GetSystemMetrics
GetDC
GetParent
CharNextA
glu32
gluNurbsCallback
Sections
.text Size: 28KB - Virtual size: 27KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 51KB - Virtual size: 51KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ