Static task
static1
Behavioral task
behavioral1
Sample
de0ee78b2b4442afcc12ecdb90418c65.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
de0ee78b2b4442afcc12ecdb90418c65.exe
Resource
win10v2004-20240226-en
General
Target: de0ee78b2b4442afcc12ecdb90418c65
Size: 218KB
MD5: de0ee78b2b4442afcc12ecdb90418c65
SHA1: cef469c2320d7182450e6b99c8ca412bfecb599e
SHA256: d2b4bc702f07daaa73735d88499e5bb5da2a7839ef2cbcdbdb39d6b466573c36
SHA512: 47adabc991b4f48e3517cac4edaeef6c7d5fff5902bc251b4a2df58672b9bea95cbaa94bcdd63507695f41701bd67c47fc69a35394fb4842a4a13f16cfe69570
SSDEEP: 6144:WcGlAB2qhtrFd1t4Auychw7OG7r4l1O3py:pZ2qPjtuychVl1Wo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource de0ee78b2b4442afcc12ecdb90418c65
Files
de0ee78b2b4442afcc12ecdb90418c65.exe windows:5 windows x86 arch:x86
8b62e83cbe6134f51ec2467c4beeab48
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
RaiseException
QueryDepthSList
LZCopy
GetCurrentThreadId
SetThreadPriority
GetCurrentThread
GetThreadPriority
Sleep
WaitForMultipleObjects
TryEnterCriticalSection
OpenEventW
ReleaseMutex
OpenMutexW
CreateMutexW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingW
CreateFileMappingW
ExitProcess
user32
PostMessageA
UpdateWindow
SendMessageA
LoadCursorA
SetCursor
odbc32
SQLGetTypeInfoW
Sections
.text Size: 129KB - Virtual size: 129KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 772B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 67KB - Virtual size: 643KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ