dde50606845b9f9c24354f4d52782366 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dde50606845b9f9c24354f4d52782366
Size

43KB
MD5

dde50606845b9f9c24354f4d52782366
SHA1

15953197a18687c800d4a94778cd8bc7b0ae831c
SHA256

bb49214f6d3058922c4921d09909ee84e4f98ed97d74471fb70e514a2bde2d43
SHA512

16340ed96075283d1a0ea0b8b51c0da9a4fde3500ea732a528d82b62f555aec60fb3e349648988d24a13cd7f5197d44551e346a5ba107e40b9a8746c2c99a588
SSDEEP

768:mqHZrlm4yP+QB5ln8ivW71fSrAljzvv7Obuh4rs9W6uQL8BLPazmWS+sbmuD:LHZQ+aln8UrARb7Oq4rsA69ELPazml+T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dde50606845b9f9c24354f4d52782366

Files

dde50606845b9f9c24354f4d52782366
.exe windows:1 windows x86 arch:x86

a9c61b12ba7653389c0fcd6107fe4893

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
WriteProfileSectionA
OpenEventA
SetComputerNameW
EnumSystemCodePagesA
CreateFileMappingW
SetFileAttributesW

user32

LoadImageA
CallMsgFilterW
CharNextExA
MessageBoxA
SetWindowsHookA

gdi32

RemoveFontResourceW
GetTextMetricsA
DeviceCapabilitiesExA
LineDDA
GetObjectA
SetICMProfileA
GetTextFaceA
GetEnhMetaFileDescriptionA

Sections

.text
Size: 41KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fasm
Size: 1024B - Virtual size: 812B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data?
Size: 1024B - Virtual size: 670B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ