ddee056d66fbfac53952058d84773ae2 | Triage

Sharing

General

Target

ddee056d66fbfac53952058d84773ae2
Size

75KB
MD5

ddee056d66fbfac53952058d84773ae2
SHA1

373f7efd5dfb9bdc2cb344a00ea4c149947d05a4
SHA256

428924bc56d0764ea3870808909f599854642ccec1bf0627899abb3caeefafdf
SHA512

8c13935b6912cbfc20cf9a1c0b06f3442094700ebc8f0d180d5cedf60d0a65c77461d308aa484e7cfd62fdfc7172c24ab27342685a12e81f7e533638a88d221e
SSDEEP

768:cJDDAu45UBjcpmkpd9sOi5a0ELYpTPf7iz/9GDnipERViOPKYCI6KnRrYeHGJFi1:Kcu45UFPaYOCprfskKELiOPfOKeE9X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ddee056d66fbfac53952058d84773ae2

Files

ddee056d66fbfac53952058d84773ae2
.exe windows:4 windows x86 arch:x86

483ec8343fcef50ce35f0821df9b8ff4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetACP
GetVersionExA
IsBadReadPtr
ResetEvent
FormatMessageA
GetLocalTime
CreateEventA
lstrcpynA
lstrcmpA
FreeResource
GetLastError
RaiseException
SetErrorMode
lstrlenW
DeleteCriticalSection
GetCurrentThread
HeapAlloc
GetCommandLineW
GetCurrentThreadId
lstrlenA
CloseHandle
ExitProcess
VirtualAlloc
VirtualFree
GetCurrentProcess

advapi32

GetLengthSid
RegEnumKeyA
RegDeleteKeyA

gdi32

GetObjectA
GetTextAlign
GetBitmapBits
SetPixel
CreateBrushIndirect
SelectObject
GetBkColor

comctl32

ImageList_Destroy

user32

DrawMenuBar
LoadIconA
CharNextA
LoadCursorA
GetMenu
LoadBitmapA

Exports

Exports

00rvSfzRQ5J
_e0hhABxKcZU@20
_WzaysJHTYL
_4IS5qR

Sections

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ