6e8f1b102637f688486a90c1aa7629433c4d01193662df5b523cd01df05b167cN | Triage

Sharing

General

Target

6e8f1b102637f688486a90c1aa7629433c4d01193662df5b523cd01df05b167cN
Size

175KB
MD5

8a193cd4cfc50bd887b352dab909f750
SHA1

65370cf4d4816fe77d671702f46489e33efb1091
SHA256

6e8f1b102637f688486a90c1aa7629433c4d01193662df5b523cd01df05b167c
SHA512

d7e7654bf821d5e935ec67b1a4deb73f8afc26f06480f820888aabcdbf25fbd0f90c1e2d07a72ecded03bee6d71fcdb9c20b1d7f0931e9d3dabdae46c3d668f5
SSDEEP

3072:rrknrxCvhFS4Q0pCAIS73DzteyLOETAPEbkcyNCymr+0Wbt0q57Toy:Urwhw4Qd3C3DTLOEnxsl0q5Q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
6e8f1b102637f688486a90c1aa7629433c4d01193662df5b523cd01df05b167cN

Files

6e8f1b102637f688486a90c1aa7629433c4d01193662df5b523cd01df05b167cN
.exe windows:4 windows x86 arch:x86

a92fa31ef8294968d6e50f6b5081784f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

user32

CharNextW
TranslateMessage
CharUpperW
SetTimer
DispatchMessageW
KillTimer
SendMessageA
GetMessageW
PostThreadMessageW
GetDC
wsprintfW
UnregisterClassA

kernel32

lstrcpyA
MultiByteToWideChar
WideCharToMultiByte
lstrcpyW
LockResource
GetCPInfo
GetProcessAffinityMask
InitializeCriticalSection
lstrcpyA
lstrlenW
EnumResourceNamesW
GetACP
FindClose
lstrcmpiW
GlobalFree
OutputDebugStringW
GetTickCount
FreeEnvironmentStringsW
GlobalAlloc
GetLastError
GetModuleHandleW

shlwapi

PathCombineW
PathFileExistsW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoUninitialize
CoTaskMemFree
CoInitialize
StringFromGUID2
CoRevokeClassObject
CoTaskMemRealloc
CoCreateInstance
CoRegisterClassObject
CoTaskMemAlloc
StringFromCLSID

Sections

.text
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.isete
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ