defd4df77ed2da40d8e0f64e7f846b3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

defd4df77ed2da40d8e0f64e7f846b3d
Size

166KB
MD5

defd4df77ed2da40d8e0f64e7f846b3d
SHA1

7e6bddb79c63e18b098d2d04cd55fa0526fe2ac1
SHA256

d500461f7710c5c318595ed483654187e7880c9ac9e7f0f0626219b0a2bd2678
SHA512

ef4b958aa0b9dc3fda13c59a6ce1088d323be0327145e48b552a79f15b9bca92fb0e2830c1580e3796b19dc7e6772dbfe76d4a3bce6874220f7ccd3db5515254
SSDEEP

3072:OuH2IoYHjeF2+zri0Ormc2+jLBWi9/L4xYGzhZbhDoC:d2bUjp0QmX2BZVG9l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
defd4df77ed2da40d8e0f64e7f846b3d

Files

defd4df77ed2da40d8e0f64e7f846b3d
.exe windows:4 windows x86 arch:x86

77b34bce6687472bcd0995c12d5e68aa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetDeviceCaps
DeleteObject
GetTextExtentPointA
GetTextMetricsA
SelectObject
CreateFontIndirectA

kernel32

MultiByteToWideChar
GetThreadLocale
GetVersionExA
GetCPInfoExA
GetACP
QueryPerformanceCounter
GetLocaleInfoA
InitializeCriticalSection
WideCharToMultiByte
EnterCriticalSection
GetEnvironmentStringsW
GetLastError
LeaveCriticalSection
GetFileType
GetTickCount
RaiseException
UnhandledExceptionFilter
FreeEnvironmentStringsW
HeapSize
EnumResourceTypesA
GetStartupInfoA
WriteFile
GetOEMCP
TlsSetValue
LoadLibraryW
DeleteCriticalSection
GetStdHandle
lstrlenW
InterlockedIncrement
SetHandleCount
GetCPInfo
GetEnvironmentStrings
InterlockedExchange
FreeEnvironmentStringsA
TlsGetValue
GetCurrentProcessId

msimg32

AlphaBlend
TransparentBlt

ole32

CoGetMalloc
CoTaskMemFree
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemRealloc

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ