e6f6f686c20a800a6f6c4e2182161a3ccb26e1daad13360ac6dfea8d20df34c6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e6f6f686c20a800a6f6c4e2182161a3ccb26e1daad13360ac6dfea8d20df34c6
Size

22KB
MD5

d95661d49412d7c73bc139718e876e07
SHA1

a212598824c0b16b780dc414c8b6192e4e48a709
SHA256

e6f6f686c20a800a6f6c4e2182161a3ccb26e1daad13360ac6dfea8d20df34c6
SHA512

2e5c09a4c138c74d99e84456fc4d692a257afabad8e1083167c2d1a0022b65b432364840830b738f97706ef2a5732ffdc1bb29517e8595a7e4e9b384ef6a63a1
SSDEEP

192:ce++vN1drreyJhM0+K+JnJnieZp4CrkJ5m7GKSQjqPL+1C8Mmj/:cY11/A7Jirv5wjSyC8M4/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e6f6f686c20a800a6f6c4e2182161a3ccb26e1daad13360ac6dfea8d20df34c6

Files

e6f6f686c20a800a6f6c4e2182161a3ccb26e1daad13360ac6dfea8d20df34c6
.exe windows:4 windows x86 arch:x86

3bf52cce958af28c47ecfbb6d0a01caa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetWindowTextW
SetCapture
GetActiveWindow
IsChild
SendMessageA
MessageBoxA
TrackPopupMenu
CreateWindowExA
TranslateMessage
DispatchMessageA
GetMessageA
PostQuitMessage
ShowWindow
FlashWindowEx
GetKeyState
TranslateAcceleratorA
RegisterClassA
DefWindowProcA
GetDlgItemTextA

kernel32

GetProcessHeap
GetModuleHandleA
CloseHandle
GetVersionExA
ExitProcess

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 268B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 232B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.htext
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE