dffa78b89d1f217b4c55524ba7f02697 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dffa78b89d1f217b4c55524ba7f02697
Size

146KB
MD5

dffa78b89d1f217b4c55524ba7f02697
SHA1

a104d91ee253137a9111904f7609daa00b4c87b4
SHA256

3f5c910302496361cfd72c6d4e77de9234a2c09379fd923ae74fa85f281f75c5
SHA512

c0efdcd83b4ed3dd82706a1b1fca0d39a1b5504a01c8f26d3ae1e7bbf84ce15ecd863f81c1b46aec614b146ee7d01c751d81bbb33019d39f42f49b644dc58068
SSDEEP

3072:4a8FKKOaUhoxyvPGA/RusIcpHVuPlZJA:eEOqhIsIcpHsZJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dffa78b89d1f217b4c55524ba7f02697

Files

dffa78b89d1f217b4c55524ba7f02697
.exe windows:5 windows x86 arch:x86

7a3702a7f93add723993bd5d105365b7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Q:\DtVt\mpAqKgj\ftpU.pdb

Imports

gdi32

GetTextExtentPointW
CreateICW
GetTextMetricsW
SetWindowExtEx
RealizePalette
CreateFontW

shlwapi

StrToIntW
UrlGetPartA

kernel32

LockFile
FoldStringW
FatalExit
SetCommBreak
lstrcmpA
GetThreadTimes
FlushFileBuffers
WinExec

user32

CharUpperBuffW
GetSubMenu
SwitchToThisWindow
IsChild
DialogBoxParamA
SetLastErrorEx
PostThreadMessageW
CharLowerBuffW
EnumWindows
InsertMenuW
CharNextExA
UnloadKeyboardLayout

Exports

Exports

?rn_utxtX__QBD_VGQn@@YGXPAE@Z
?pkcgoypDD_wcexhO_J@@YGMJ@Z
?Z_VOMFVO@@YGPAE_N@Z
?nzd_gsn_lmq___vax_YS_@@YGJD@Z
?_Pb_pjhrwbib_@@YGHM@Z
?MYH__K_Ysmio_@@YGXPAI@Z
?lmtgsge_AZx@@YGH_N_N@Z

Sections

.text
Size: 51KB - Virtual size: 207KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ