4638b936d235455fb2e79583b206dba30f4f3276e14e11c1fa17c03876bdaab6 | Triage

Sharing

General

Target

4638b936d235455fb2e79583b206dba30f4f3276e14e11c1fa17c03876bdaab6
Size

68KB
MD5

060e60129ecc29407152ed09631b5802
SHA1

694415c0106c41fb64e6f9b03d7c92076863fae8
SHA256

4638b936d235455fb2e79583b206dba30f4f3276e14e11c1fa17c03876bdaab6
SHA512

74496bd48f864fc7b25b3f3232ea615f69f3b4a51751f1ab233331f09763be36fdd256993aa17808aa3f2215b5a71900113131360830d65c0a43a9b2c82a1507
SSDEEP

768:DqlNpFN0odo2dgOx68knRtubZDXDetLjOEJivd3P4NpMGLZ3/ArsJdcQWw/:ulXIom2dgeTkRgljSWd/A7YwL3W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4638b936d235455fb2e79583b206dba30f4f3276e14e11c1fa17c03876bdaab6

Files

4638b936d235455fb2e79583b206dba30f4f3276e14e11c1fa17c03876bdaab6
.exe windows:4 windows x86 arch:x86

4d8b57ca0418ac7e182a7fd239260bd9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefDlgProcA
GetMessageA
SetFocus
InsertMenuA
IsCharUpperA
FindWindowExW
wsprintfA
FindWindowExW
DispatchMessageW
DrawEdge
DrawTextW
CharToOemA
LoadBitmapA
GetClassInfoW
IsDialogMessageW

rsaenh

CPCreateHash
CPDeriveKey
CPEncrypt

kernel32

CreateMutexA
lstrcpyA
GetFileSize
FormatMessageA
LoadLibraryA
GetDateFormatA
WriteConsoleW
GetLongPathNameA
ReadFile
CreateWaitableTimerW
DeleteFileA
GetSystemTime
GetLocalTime
MoveFileA
GetProcAddress
OpenMutexW
HeapFree
GetLocaleInfoW
InitializeCriticalSection
GetACP
SearchPathW
WaitForSingleObject
SetLastError

qutil

FreeFixupInfo
FreeSoH
FreeConnections
AllocConnections
AllocFixupInfo

Sections

.text
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ