d6924a02f0cbca3a94e086fb6fd449c9 | Triage

Sharing

General

Target

d6924a02f0cbca3a94e086fb6fd449c9
Size

279KB
MD5

d6924a02f0cbca3a94e086fb6fd449c9
SHA1

2339603daadce3ed163238efd799a98bdc162be4
SHA256

9a26b61b6bc06fa57311100e7bf11c354b28e0c8ec0e20ebc8599f6421e667e4
SHA512

af018f6a366b9db2f7f7589c9a3b0bbfb83c97b94bde36c44c8747abfbfa5c2b5ec06ca9955eb2abb77023497e05315d207c1333aca7f4c4287ecad256c2aeca
SSDEEP

6144:tSmkmeIYLAhJ5VBKKaz8A1RJblqlhtQ8TaYAcNFD:tJ7eILJFlIfblchVTWsFD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6924a02f0cbca3a94e086fb6fd449c9

Files

d6924a02f0cbca3a94e086fb6fd449c9
.exe windows:4 windows x86 arch:x86

57f6758a0bb903e722c6e3db1ce0ae54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindClose
SetStdHandle
GetFileType
GetCommandLineA
IsBadCodePtr
ExitThread
GetModuleHandleA
FindAtomA
HeapFree
VirtualProtectEx
RemoveDirectoryA
ReleaseMutex
GetDriveTypeW
GetVersion
ResetEvent
GetSystemTime
RemoveDirectoryA
WriteConsoleA
WriteFile
SetEvent
CreateDirectoryA
FindClose
SetVolumeLabelW
CreateMailslotA
CreateEventA

uxtheme

GetThemeTextMetrics
IsThemeActive
DrawThemeEdge
GetThemeSysSize
GetThemeTextExtent
SetWindowTheme
DrawThemeBackground
CloseThemeData
CloseThemeData
OpenThemeData
GetWindowTheme
GetThemeRect
GetThemeColor

rasmxs

DeviceEnum
DeviceEnum
DeviceEnum
DeviceEnum

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ