e06fcd6e61df2ea33abe0327b7ebf8c5 | Triage

Sharing

General

Target

e06fcd6e61df2ea33abe0327b7ebf8c5
Size

814KB
MD5

e06fcd6e61df2ea33abe0327b7ebf8c5
SHA1

3e102c71b17b258bb6f68842bee0557db6359e69
SHA256

a4ff5c6f03b019eb78281b2bc5d9399555ce7418111bfa052b229c38db65710f
SHA512

12fe7d1ec7cfaa1aaa76196edee8571a0724fe048665e25d75278a151a5953fe5638a60623608f4c583a6760635b19900b8d2987d50da88966b32d74dbcdec47
SSDEEP

12288:3xKD0ClCIazKBpMAH69WcmMmjhmerPnkX9aEDwC3YIiH4SOeVonZp2N90MS4:gD0CMzKfaRwjt1UwC3YIiHjCOd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e06fcd6e61df2ea33abe0327b7ebf8c5

Files

e06fcd6e61df2ea33abe0327b7ebf8c5
.exe windows:4 windows x86 arch:x86

bacf5bfd6f62acd965e65a993788ffa6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalLock
GetACP
CreateFileA
TlsGetValue
LoadLibraryExA
FreeEnvironmentStringsA
ExitProcess
CloseHandle
FindAtomA
CreateFileMappingA
WaitNamedPipeA
GlobalUnlock
HeapCreate
GetLastError
FindClose
GetConsoleCP
Sleep
LocalFree
GetConsoleAliasW
GetModuleHandleA

user32

DefWindowProcW
CheckRadioButton
CallWindowProcA
GetFocus
GetDlgItem
GetIconInfo
DispatchMessageA
DrawFrame
GetDC
CopyRect
FillRect
IsWindow
DrawEdge
MessageBoxA

clbcatq

GetComputerObject
SetSetupOpen
SetSetupSave
GetCatalogObject
InprocServer32FromString

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ