665dbbc414b5d82afb88bfc9bf0b38a757b8d289adc0defdd4b4acebc20aebbfN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

665dbbc414b5d82afb88bfc9bf0b38a757b8d289adc0defdd4b4acebc20aebbfN
Size

320KB
MD5

1951289ddbf0938ce0eaec18d35c2fd0
SHA1

22ab13bc96a1a5de13d2604495cba1007f3dba07
SHA256

665dbbc414b5d82afb88bfc9bf0b38a757b8d289adc0defdd4b4acebc20aebbf
SHA512

817788970c82f818004ef7e8c455dc4c9052a248eefa27ab7b7a36f70cb7f725f78a44d5e69495d07b2356f96db77488d67cc70c807d39724797e15847296010
SSDEEP

6144:1LrEWiGKO9gIFD7py1d/99GxqI7lWA/LtC6DaRNAk93gBdk4mW3:ZrXMOic1sUxXxWKZLwSSgB2W3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
665dbbc414b5d82afb88bfc9bf0b38a757b8d289adc0defdd4b4acebc20aebbfN

Files

665dbbc414b5d82afb88bfc9bf0b38a757b8d289adc0defdd4b4acebc20aebbfN
.exe windows:4 windows x86 arch:x86

debb6d33f32eddf8616e9adb08b7a81a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
GetTapeStatus
GetModuleHandleA
HeapCreate
GetACP
HeapDestroy
InterlockedExchange
GetTimeFormatA
GetCurrentProcessId
CreateIoCompletionPort
LoadLibraryExA
GetProcessHeap
GetLogicalDrives
GetEnvironmentStringsA
GlobalMemoryStatus
GetCurrentThread
HeapQueryInformation
GetProcessVersion
GetStdHandle
VirtualProtect
IsDebuggerPresent

user32

DrawTextA
FillRect
EndPaint
GetTitleBarInfo
wsprintfA
BeginPaint
GetParent
GetCursorPos
ShowWindow
SetForegroundWindow
GetWindowTextLengthA
GetFocus
SetActiveWindow
GetWindow
FrameRect
ReleaseDC
GetDlgItem
DragDetect
GetClassNameA

advapi32

RegFlushKey
RegCreateKeyA
RegCloseKey
RegSetValueExA
RegEnumKeyA

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 720KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ