68fc3d2cf53b6f0a1af2982c1b3090ba57b3928c8b8cc5ca09ab7f0a5c9aee73 | Triage

Sharing

General

Target

68fc3d2cf53b6f0a1af2982c1b3090ba57b3928c8b8cc5ca09ab7f0a5c9aee73
Size

225KB
MD5

f3e8b03051924e9ec47db0fefc9770bc
SHA1

f276887e378f80c3396389981b8458d0dbe77ff1
SHA256

68fc3d2cf53b6f0a1af2982c1b3090ba57b3928c8b8cc5ca09ab7f0a5c9aee73
SHA512

80124b6340cfdf46f4bf8394e55bcad65b7be81b1e732542e640f62e050c423e9c5f0dea6d25e6798ff57b37d6fb4a27fb2b6a9f29f7e340d0efd4b1cfaf9fa2
SSDEEP

6144:quBsBHd3QY1quQbx3SntMFrfO7c/ci5ESFFZoeKh6:quKzFQbZStMFT+c/cmESDK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68fc3d2cf53b6f0a1af2982c1b3090ba57b3928c8b8cc5ca09ab7f0a5c9aee73

Files

68fc3d2cf53b6f0a1af2982c1b3090ba57b3928c8b8cc5ca09ab7f0a5c9aee73
.exe windows:5 windows x86 arch:x86

08f63ea1116aef643b472e1b0cb7c577

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
RtlUnwind
VirtualFree
ResumeThread
TerminateProcess
GlobalFree
CreateProcessA
GetThreadContext
VirtualQueryEx
LoadLibraryA
FreeLibrary
GlobalAlloc
VirtualAlloc
ExitProcess
lstrlenA
GetTempPathA
lstrcmpA
GetTempFileNameA
FindAtomA
lstrcpyA
lstrcatA
CreateFileA
WriteFile
CloseHandle
WaitForSingleObject
GetLastError
GetCurrentThreadId
OpenProcess
GetModuleHandleA
GetProcAddress

user32

GetCursorPos
wsprintfA
GetWindowRect
IsWindowVisible
EqualRect
OpenInputDesktop
InflateRect
GetThreadDesktop
SetThreadDesktop
FindWindowA
GetWindowThreadProcessId
ClientToScreen
CloseDesktop
GetFocus

shell32

ShellExecuteA

shlwapi

SHGetValueA

advapi32

CreateProcessAsUserA

gdi32

GetBkMode
GetBkColor

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 208KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE