6c58ab2e2c36fd7388aa3138f17802bf117cf30ace00cdd6e6dec5d09b3471a9N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6c58ab2e2c36fd7388aa3138f17802bf117cf30ace00cdd6e6dec5d09b3471a9N
Size

19KB
MD5

f14ffa854e93642b13bccd5b84a951e0
SHA1

005bf5b03f8fa3e5c0c385a8440e43f1a4423da1
SHA256

6c58ab2e2c36fd7388aa3138f17802bf117cf30ace00cdd6e6dec5d09b3471a9
SHA512

91333f1c54308990a98cbd942532d8126ae1e2e979d117dfce42f4da0549274d98baf5727f8cc383f178b0b58e2282454c0d0f6602497a3120a4e9636fc40ce1
SSDEEP

192:jXaNMOhYzUSbf/eV8r2TXmH1qFE3/4v6WSnFbvmTDY:jXaNM0LSbfWbT2HMcQd0Fb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6c58ab2e2c36fd7388aa3138f17802bf117cf30ace00cdd6e6dec5d09b3471a9N

Files

6c58ab2e2c36fd7388aa3138f17802bf117cf30ace00cdd6e6dec5d09b3471a9N
.exe windows:4 windows x86 arch:x86

6d9db74cafd361e1174e611f06f18f28

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CallNamedPipeA
GetConsoleCP
CreateMutexA
GetThreadPriority
PulseEvent
GetUserDefaultLangID
GetDefaultCommConfigA
VirtualAlloc
GetOEMCP
GetThreadTimes
TlsGetValue
SetEvent
GetExitCodeThread
IsDBCSLeadByte
ReleaseMutex
AddAtomA
GetModuleHandleA
TlsFree
GetThreadLocale
CompareStringA
GetLargestConsoleWindowSize

user32

GetForegroundWindow
CloseWindow
GetClassInfoExA
ShowWindow
GetWindowTextLengthA
IsWindowVisible
ReleaseDC
InvalidateRect
GetActiveWindow
IsIconic
ReleaseDC
ValidateRect
GetFocus
GetWindowTextA
RegisterClassA
GetSystemMetrics
GetWindow
GetDC
GetClassNameA

tapi32

MMCSetServerConfig
MMCShutdown
MMCSetLineInfo
MMCSetPhoneInfo
MMCInitialize

mlang

DllGetClassObject

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ