d6e2005313f39d37e2d3cff3895a40e2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d6e2005313f39d37e2d3cff3895a40e2
Size

227KB
MD5

d6e2005313f39d37e2d3cff3895a40e2
SHA1

25506342e2b571cf5e7840b73051efaa4fc885ab
SHA256

ff64337b2fbc28d6dc8553b996be6c1b73edc5047fc31b06790fe19010693946
SHA512

0300ac8a9f3b5cacb860cb4824223f2aaa705a0c3adf650422b7c90b1d5ec0a88f537b33a85b877d5add9ed8e5e679a882a2167d4242e72f28e7ddd719bd6d20
SSDEEP

3072:V9lHp4ABsiNSEZHcAdS1rMLffdRUiy026i5X+HlWI3Fcq6xYWXrYpBdoSk5X5r3:V9lHpFgyqiL/yb+Hl1Vc57kAF5T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d6e2005313f39d37e2d3cff3895a40e2

Files

d6e2005313f39d37e2d3cff3895a40e2
.exe windows:4 windows x86 arch:x86

90c2b1489b8ba4cea55f7f0ce8230e2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

CommConfigDialogW
CopyFileW
DeleteFileW
ExitProcess
GetCommMask
GetMailslotInfo
LocalShrink
SetLocaleInfoA
_lcreat

advapi32

BuildSecurityDescriptorW
ClearEventLogA
CryptAcquireContextW
CryptEnumProviderTypesA
CryptVerifySignatureW
EnumDependentServicesA
EnumDependentServicesW
InitializeAcl
SetEntriesInAuditListW

user32

CharUpperBuffW
DeleteMenu
DrawMenuBar
GetClassWord
LoadCursorFromFileW
MapVirtualKeyW
RegisterClassExW
RegisterTasklist
ScreenToClient
SetClipboardData
ShowOwnedPopups
wsprintfW

shell32

DragAcceptFiles
DragQueryFileA
DragQueryPoint
ExtractAssociatedIconExA
SHGetPathFromIDListA
SHGetSpecialFolderPathW
SheChangeDirA
SheGetCurDrive
SheGetPathOffsetW
SheShortenPathA

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 223KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ