6394afff1dcff985baf638f8617849626f70d855299205cdf975be3068087ea0N[.]exe | Triage

Sharing

General

Target

6394afff1dcff985baf638f8617849626f70d855299205cdf975be3068087ea0N.exe
Size

32KB
MD5

e8cde05b57b13187fa9aeb63626bba90
SHA1

a0e4107ad8290486c3af186b2df6ad0874a245d0
SHA256

6394afff1dcff985baf638f8617849626f70d855299205cdf975be3068087ea0
SHA512

b998a26f41c4081778f6954c454489ac0eb297ca3fc3f2b5a91bf4cbf36ea2d61522dfb9607b11431381b6b72d4a23274edb8740755f4d67ad094150eb8f7484
SSDEEP

768:enKJTHi5+PKFzIqK9+w20krMTlMtHcox0B:enKRHiAPKxIqwzlCtHz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6394afff1dcff985baf638f8617849626f70d855299205cdf975be3068087ea0N.exe

Files

6394afff1dcff985baf638f8617849626f70d855299205cdf975be3068087ea0N.exe
.exe windows:4 windows x86 arch:x86

196d7e73dfbf2fdeb0aa0ed2ee770b19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileA
LockResource
CreateProcessA
FindResourceA
InterlockedIncrement
LoadResource
RtlUnwind
GetWindowsDirectoryA
CloseHandle
SizeofResource
GetLastError
ExitProcess
LocalFree
FormatMessageA
GetModuleHandleA
ReadFile
CreateFileA
VirtualAlloc

user32

LoadCursorA
UnregisterClassA
GetDesktopWindow
ShowWindow
LoadStringA
IsWindowEnabled
CreateWindowExA
PostMessageA
IsWindow
SetWindowTextA
GetActiveWindow
SetFocus
PostQuitMessage
MessageBoxA
wsprintfA
IsWindowVisible
EndDialog
GetParent
SendMessageA
DispatchMessageA
GetWindow
PeekMessageA

oleaut32

SysFreeString
SysStringLen
SysAllocString
SysStringByteLen
SysAllocStringLen
SysAllocStringByteLen

Sections

.text
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 848B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ