Static task: static1
Behavioral task: behavioral1
Sample: d691af6c2c0c3d73a38441b52dedaafd.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: d691af6c2c0c3d73a38441b52dedaafd.exe
Resource: win10v2004-20240226-en
General
Target: d691af6c2c0c3d73a38441b52dedaafd
Size: 8KB
MD5: d691af6c2c0c3d73a38441b52dedaafd
SHA1: 03d07afdf329ecf64285d49075aaa3cfee2b9f35
SHA256: ba63c7551d61526689187d0450840702449b50bdf9561419acf5a7f728995d45
SHA512: 28faa971c5d2a4695361e8c2d87087e82c0547f853223479f5bab22bc2c9340a637dd997daf417923b9b67c8508304590acca6e63716089f08c1436ff899295f
SSDEEP: 96:JCwIoiX5lPhLeMMP3+QQ84cJuzLRRoUWdWm2qwMTT+FJJnD3YwZ/in:gwuzZeP3+QQ8LURRopdWcbQD3p
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d691af6c2c0c3d73a38441b52dedaafd
Files
d691af6c2c0c3d73a38441b52dedaafd.exe windows:4 windows x86 arch:x86
a144d9d61c71d97904511c38951f99c6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
GetTimeFormatA
SetFilePointer
GetDateFormatA
lstrcatA
lstrcmpA
lstrcpyA
GetCommandLineA
ExitProcess
CreateFileA
WriteFile
CloseHandle
user32
GetKeyState
GetMessageA
IsDialogMessageA
LoadCursorA
LoadIconA
PostQuitMessage
RegisterClassExA
SetForegroundWindow
ShowWindow
TranslateMessage
DispatchMessageA
DefWindowProcA
CreateDialogParamA
FindWindowA
comctl32
InitCommonControls
hkl
ord2
ord1
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 858B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ