de664cc75887c42c732e1263ec7a7c7b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

de664cc75887c42c732e1263ec7a7c7b
Size

717KB
MD5

de664cc75887c42c732e1263ec7a7c7b
SHA1

c948ff598eb9ff41bbb72dfcccc36de4c4207910
SHA256

335c160bae22a712d2073fa8c873882da2e1c7f1e3bcdee0e1af012cd87e3727
SHA512

65936fff85586cd0512fc28038e4d363c895a81c4dd1fc985d3616b23de8e675c7bc94342046f5bb157d40d78bb89cbd3eb45e7e0908d1739a4e0074e727854c
SSDEEP

12288:LXICdNLcDtf+8gyUh4schbecWNflC56yjT61HD7KzC0EVzduglFj6C:znd6DjTaLchbeckflRyjTsEazdugh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
de664cc75887c42c732e1263ec7a7c7b

Files

de664cc75887c42c732e1263ec7a7c7b
.exe windows:4 windows x86 arch:x86

1edca2f26a7dfc84542d16350d6a8638

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
InterlockedExchange
GetVersion
FindAtomA
GlobalUnlock
GetModuleHandleA
LoadLibraryExA
SetEvent
GetConsoleCP
HeapReAlloc
WaitForSingleObject
HeapWalk
CompareFileTime
VirtualProtect
ResetEvent
TlsFree
GetProfileIntA
GetACP
lstrlenA
GetAtomNameA
GetTickCount

user32

GetMenu
ScrollDC
GetMenuStringA
SetWindowPos
GetSubMenu
ShowWindow
GetWindowTextA
EqualRect
DispatchMessageA
CopyRect
GetKeyboardLayout
GetScrollRange
DestroyMenu
UpdateWindow
PostMessageA
DialogBoxParamA
InflateRect
TranslateMessage
SetSysColors
GetDlgItem
PostQuitMessage
ModifyMenuA
InsertMenuA
LoadIconA
GetWindowLongA
MessageBoxA
GetParent
SetPropA
EnableScrollBar

msi

MsiCloseHandle
MsiEnumProductsA
MsiDoActionA
MsiEnumClientsA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ