d6720ac17d61761a60b2b3fd81de1154 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6720ac17d61761a60b2b3fd81de1154
Size

187KB
MD5

d6720ac17d61761a60b2b3fd81de1154
SHA1

1100332ed2873e5f09a92a3441c72a8e634ccba8
SHA256

b5d879ee5917129ff3f799a474837259d72d7f2cf74ca074b578ce516e18580b
SHA512

9cdf7da0785270f5782fa5e59e96636fd6b730beebd6987b4d7a2305593a6ec9e41116f28160cfa3f41de9939ec21f614b386020ca044984c00729e983ba442a
SSDEEP

3072:wAkenfnLKlxAC5dfGBOigP+41+/H3HqiYJeiOmNCKskVLjlRm9ay3ypcfB:TbLKll5dG2P+41wjizVLjDCaVQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6720ac17d61761a60b2b3fd81de1154

Files

d6720ac17d61761a60b2b3fd81de1154
.exe windows:4 windows x86 arch:x86

98b4e7a9558bf48efac5a6b68354aa83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

winmm

mciSendCommandW
sndPlaySoundW

shlwapi

PathAddBackslashW

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

GetConsoleMode
InterlockedDecrement
AddAtomW
GetEnvironmentVariableW
SetLastError
MapViewOfFile
WriteConsoleW
GetConsoleCP
TlsFree
LoadLibraryExW
GetLastError
CreateFileW
CreateFileA
GetProcAddress
ExitProcess
EnumResourceNamesA
UnmapViewOfFile
TlsSetValue
TlsGetValue
GetVersionExW
GetModuleHandleW
HeapAlloc
CreateFileMappingA
GetProcessHeap
IsBadStringPtrW
InterlockedIncrement
GetTempPathW
GetVersionExA
HeapFree
TlsAlloc
FlushFileBuffers
GetModuleHandleA
Sleep

Sections

.text
Size: 97KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ