d6cf05ac56feaf499d9709b38172bc9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6cf05ac56feaf499d9709b38172bc9f
Size

338KB
MD5

d6cf05ac56feaf499d9709b38172bc9f
SHA1

8b5cb0cf2402c311a0371f83ad64eda0eddf5ac7
SHA256

ce80f627277df360551c669c505695e32202685cde131b85d0d90a77302c0c34
SHA512

7db91e91c867337148e4fe169cdbb637542377277ad8f6162465e629631f1416727faba53298e7e2519a22a6da945961ccf083b087f4fc9f0836ed000fc73802
SSDEEP

6144:uAAWgjGcZFjbcKGRPnOmFYv+1FjvQjwyILvNPl+NyCC4uaOwBvsLdCR:/CFbRGRxYGPjvQ8yILFPl+NKwBG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6cf05ac56feaf499d9709b38172bc9f

Files

d6cf05ac56feaf499d9709b38172bc9f
.exe windows:4 windows x86 arch:x86

2ff7cbfa2b7a718de523270c2a78d01b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStartupInfoA
SizeofResource
LockResource
EnumCalendarInfoW
LoadResource
FindResourceA
LocalAlloc
LocalFree
CreateFileA
lstrcmpA
GetFileAttributesA
GetProcAddress
GetModuleFileNameA
GetTempPathA
DeleteFileA
CloseHandle
GetCurrentDirectoryA
GetLocalTime
FindClose

oleaut32

LPSAFEARRAY_UserFree
CreateErrorInfo
VarUI1FromI1
GetErrorInfo
SetErrorInfo
VariantInit
SysFreeString

gdiplus

GdiplusShutdown
GdiplusStartup

Sections

.text
Size: 216KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE