69dd19c793774f9009cc96d57efe40d0N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

69dd19c793774f9009cc96d57efe40d0N
Size

116KB
MD5

69dd19c793774f9009cc96d57efe40d0
SHA1

ca9f53402b31a24cee90c71d040cff722d03b824
SHA256

b8c286767cd7e54a60e3db778fbe46941e772e9fab17c090eb48581acbae4410
SHA512

fdee59f08a9fcea714e7b5f9f1c5833a19f96da5e2e49bd08ad09037e6c11b6920724d52edda12b655b5d09dc9421562f095224501de1d3d3dcb03341c618d60
SSDEEP

768:1MTLFoLgpF2jDrJNDVUG93jMyPIGjAHlC5/p:16Z/pkFcGtjP5OsX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69dd19c793774f9009cc96d57efe40d0N

Files

69dd19c793774f9009cc96d57efe40d0N
.exe windows:4 windows x86 arch:x86

b2e35b18f9f5065cb7918a2779c873ab

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA

shell32

ShellExecuteA

kernel32

CreateMutexA
CreateFileA
CopyFileA
CreateThread
DeleteFileA
CloseHandle
FindClose
ExitProcess
FindNextFileA
GetCurrentDirectoryA
GetDateFormatA
GetDriveTypeA
CreateToolhelp32Snapshot
FindFirstFileA
GetSystemDirectoryA
GetTickCount
GetWindowsDirectoryA
GlobalAlloc
GlobalFree
OpenProcess
Process32First
GetFileSize
ReadFile
SetCurrentDirectoryA
SetFilePointer
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
WriteFile
GetLastError
Process32Next
GetCommandLineA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey

wsock32

WSAStartup
WSAGetLastError
WSACleanup
closesocket
gethostbyname
htons
recv
send
socket
connect

Sections

��t
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��ta
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE