68032e3fc8f6d77dac3efc1797f1a4b2a0fe6c32e60438ebc76f6c1b54831de8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

68032e3fc8f6d77dac3efc1797f1a4b2a0fe6c32e60438ebc76f6c1b54831de8
Size

26KB
MD5

4b2103a080e19f90e29837ff199a9782
SHA1

3ac3ec57d731a8b23e6d6a3c98ebd3f5d50c95cb
SHA256

68032e3fc8f6d77dac3efc1797f1a4b2a0fe6c32e60438ebc76f6c1b54831de8
SHA512

f6e923fcd322e8ca0c2732978b138d6c5e6d32e789c7ab22fff313e2b3f4c33d2ba7903b8f6d3ecaf8b83d603769cd35fb0401cfb2d1bd143b290299efac9259
SSDEEP

384:TPHWv6AMlEDPOEo6YpOELjggggggLvggggggggUaocCUT0/MyF+QW:TmvHfYggggggLvggggggggUaocNoknQW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68032e3fc8f6d77dac3efc1797f1a4b2a0fe6c32e60438ebc76f6c1b54831de8

Files

68032e3fc8f6d77dac3efc1797f1a4b2a0fe6c32e60438ebc76f6c1b54831de8
.exe windows:5 windows x86 arch:x86

c2d1423eb41bae4ad3148b856cdcba22

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

LoadIconA

comctl32

ord17

shfolder

SHGetFolderPathA

shell32

DragFinish

msvcrt

exit

Sections

.MPRESS1
Size: 6KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE