Static task
static1
Behavioral task
behavioral1
Sample
b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0.exe
Resource
win10v2004-20230915-en
General
-
Target
b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0
-
Size
6.4MB
-
MD5
fc8ca7266c8b3c414af57472933714f4
-
SHA1
d1d38c5e7af3689527e79d12c0af74046d448feb
-
SHA256
b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0
-
SHA512
8ece373b7a3c6ee77358b1e34e7c3a252b550d08b33b5ba0fa55e518fd9c047fa4f66dd5db974c78a9b50205fd58d2fe9d4bf3ec9d6893418e0353c151d43346
-
SSDEEP
196608:My4mzIIwKI7aGar5gKhWkggooQg3PR7vT9:MyLz7lQahgVkggooQg3PR7vT9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
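Checks for a missing Authenticode signature. The absence of a signature is a weak indicator on its own, since many legitimate executables are also unsigned; weigh it together with the section and import findings below.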
resource b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0
Files
-
b638b82fd8e8ca1d087c8432bc9822dc0ff0f3ec786a2e321ad9c86ae94f0cd0.exe windows:5 windows x86
b45050640641b943f516b33288c6c9b9
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
VirtualFree
user32
DestroyWindow
gdi32
DeleteObject
psapi
GetModuleFileNameExW
imagehlp
CheckSumMappedFile
comctl32
InitCommonControlsEx
msvcrt
malloc
iphlpapi
GetInterfaceInfo
advapi32
RegOpenKeyExA
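Sections
Note: .text and the first .sedata section are marked both writable and executable (IMAGE_SCN_MEM_WRITE together with IMAGE_SCN_MEM_EXECUTE), and .sedata is not a standard compiler section name; both are consistent with a packed or protected binary (the .sedata name is commonly seen with the Safengine Shielden protector — confirm with a packer-identification tool). Expect the static import list above to be incomplete until the sample is unpacked.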
.text Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 911KB - Virtual size: 912KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sedata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ