67c1df607f6d32cad6b04967f51c4d1b1914c36140ad94554b3a0e9acf7eae5d | Triage

Sharing

General

Target

67c1df607f6d32cad6b04967f51c4d1b1914c36140ad94554b3a0e9acf7eae5d
Size

68KB
MD5

2414dbaefb9652053186ed5f9df05ce7
SHA1

92bf2a525b4e3188d5e88e3dc1c4ba1d549230a9
SHA256

67c1df607f6d32cad6b04967f51c4d1b1914c36140ad94554b3a0e9acf7eae5d
SHA512

63ebc73a9f9868ddf692dc000cbf379b7b27daa51b24c9b0b5a27a49d8de9264e5863c634d613572d9d21249f05093670d819f2d9f1b596f61a939ce70e4b56d
SSDEEP

384:Ys9FBOkv1h5ycZG+BpBfnicRQJ2AJNR3DxNwRzwgmyesSGT:pTRhTRQ93tORzwJyesSGT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67c1df607f6d32cad6b04967f51c4d1b1914c36140ad94554b3a0e9acf7eae5d

Files

67c1df607f6d32cad6b04967f51c4d1b1914c36140ad94554b3a0e9acf7eae5d
.exe windows:4 windows x86 arch:x86

fff0313143ff8440f241e0f1879d682c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentVariableA
LoadLibraryA
GetLastError
GetModuleHandleA
GetStartupInfoA
GetProcAddress
SetEnvironmentVariableA
IsDBCSLeadByte

user32

MessageBoxA

advapi32

RegQueryValueA

ole32

OleUninitialize
OleInitialize
StringFromGUID2

msvcrt

_acmdln
_onexit
__dllonexit
_controlfp
memcpy
sprintf
strlen
??2@YAPAXI@Z
??3@YAXPAX@Z
strcat
wcstombs
_exit
_XcptFilter
exit
strcpy
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3

Exports

Exports

?gxSplitPath@@YAXPBDPAD111@Z

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 508B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 236B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ