617b5d79049fd1a051639c42997a18de9a2e4f7f89a68ae8dbc86e2c932284fbN[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

617b5d79049fd1a051639c42997a18de9a2e4f7f89a68ae8dbc86e2c932284fbN.exe
Size

39KB
MD5

b36eafa5113e723c2377529991bf80a0
SHA1

ffe8e73f378b8cdb3382349ba32be548979fcca5
SHA256

617b5d79049fd1a051639c42997a18de9a2e4f7f89a68ae8dbc86e2c932284fb
SHA512

700a526c1c5c77abcc3db9ea4c375528aaba4413bf5272d97321b1b887b50eef18cb10d3b3f48d407ddb631d21dfa05bb499f10b96ba5745a03b56d7f25b7cec
SSDEEP

384:Eib77cxu8uODd9HdIcDSqCorvALYdqP9AQQ2H2UkA06MzglkRn8ZcVJjwmmksxrZ:Dcfuej9IJTLYw+uWVhzgon8OViN9Gz5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
617b5d79049fd1a051639c42997a18de9a2e4f7f89a68ae8dbc86e2c932284fbN.exe

Files

617b5d79049fd1a051639c42997a18de9a2e4f7f89a68ae8dbc86e2c932284fbN.exe
.exe windows:5 windows x86 arch:x86

78cc179e4d4a358ec0b525fafc43cdee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SendMessageA
ShowWindow
RegisterClassExA
UpdateWindow
PostQuitMessage
MoveWindow
MessageBoxA
LoadIconA
LoadCursorA
GetMessageA
DispatchMessageA
EndPaint
DestroyWindow
DefWindowProcA
CreateWindowExA
TranslateMessage
BeginPaint

kernel32

GetProcAddress
GetModuleHandleA
GetLastError
GetCommandLineA
ExitProcess
CreateFileA
LoadLibraryA

gdi32

CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
DeleteObject

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 400B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ