d63842e508416d2b07289c0c3c1d1e70N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d63842e508416d2b07289c0c3c1d1e70N
Size

6KB
MD5

d63842e508416d2b07289c0c3c1d1e70
SHA1

9d84761aee8168f7da1a8032605ec2cf9a38fee3
SHA256

cf41afa9a8589f61cb42b5793d612f5a363d835c6478e367cd552a71becc4db5
SHA512

b82207e63994b4bbbcc051ea4475cd92a9e888351ede3c3a2f30d6ede81ff974357109b885ddb06a84a17a9e4e1611c07c7659a90030fdec8348758dea83b0ba
SSDEEP

96:/O14Ec/AxHDM/tWQK+e/nEiURiACnycAis9AgeV+Rpg:/hEThnSkycAR9Agr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d63842e508416d2b07289c0c3c1d1e70N

Files

d63842e508416d2b07289c0c3c1d1e70N
.exe windows:4 windows x86 arch:x86

32fad061a7254a796f6f25a2966f1ee2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SetTimer
RegisterClassExA
PostQuitMessage
KillTimer
GetMessageA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

SystemTimeToFileTime
WinExec
lstrlenA
lstrcpynA
lstrcpyA
CloseHandle
CreateFileA
DeleteFileA
ExitProcess
GetCommandLineA
GetLastError
GetModuleHandleA
GetSystemDirectoryA
GetSystemTime
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
ReadFile
Sleep
lstrcatA

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

wsock32

inet_ntoa
htons
gethostbyname
WSAStartup
socket
listen
bind
WSACleanup
closesocket

wininet

FindNextUrlCacheEntryA
FindFirstUrlCacheEntryA
DeleteUrlCacheEntryA
InternetGetConnectedState

urlmon

URLDownloadToFileA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE