dedc6b5b3f75261242feb4ac7a81479a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dedc6b5b3f75261242feb4ac7a81479a
Size

802KB
MD5

dedc6b5b3f75261242feb4ac7a81479a
SHA1

40ea855c5f89a3146ccdef2cab143e4599293b4e
SHA256

b99b88cd3ff50e5ea682c90db55187f96f3765f59ce9fee6459034760465f893
SHA512

60d8a40347266103f2a4ef2d06ee6c591adb06959c7b4ea856508954a7b94c46dfd232dff579a6cc0adb32c820885d75690df9cadcf35ca626b85dc7c98d2c6b
SSDEEP

12288:xxYxSB/RfPI9bUtiyduhSFp/EYIf+qhGn7a2ARb9fAK6NHPwC5rKkv05:QO5g9iIW/DI2sAO936l4CIR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dedc6b5b3f75261242feb4ac7a81479a

Files

dedc6b5b3f75261242feb4ac7a81479a
.exe windows:5 windows x86 arch:x86

5bd30844c0163eb6f6f4aeec2bce30ed

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
DeleteFileW
GetDriveTypeW
FindAtomW
HeapDestroy
GetModuleFileNameA
GetCurrentThreadId
CreateFileW
VirtualProtectEx
LeaveCriticalSection
GetProcessVersion
SetFilePointer
GetProcessHeap
CreateFileW
DeleteFileW
OpenEventA
GlobalFlags
PulseEvent
SetFileTime
GetVolumePathNameA
GetFileAttributesA
GetModuleHandleA
CreateDirectoryA
GetConsoleMode
InterlockedExchange

user32

SetRect
SetFocus
DestroyMenu
IsMenu
PeekMessageA
DispatchMessageA
GetWindowLongA
LoadCursorA
GetWindowLongA
MessageBoxA
GetWindowTextA
DestroyIcon
wsprintfA

dot3gpclnt

LANGPADeInit
GenerateLANPolicy
ProcessLANPolicyEx
LANGPAInit

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE