bbf5681c87be8a19467b46f27974e4a0_exe32[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bbf5681c87be8a19467b46f27974e4a0_exe32.exe
Size

48KB
MD5

bbf5681c87be8a19467b46f27974e4a0
SHA1

123b11a828712e083bc0513888cfc0178a99bdeb
SHA256

dd48c5b32f4c5ef52e07558952cde850b45b7837213353274dd85d769f53ceeb
SHA512

10f5f8167409f2a5edbbbbc9021200230f6094c39010fc9b459367141f1b5a1cb32e26bd8000b21f07f362f448ba73d444047a35d3e19af843d36aa467cb8e32
SSDEEP

768:X5B6NrvEIC1wBCQNjlm+1nAmSLyz86KyIXa1axbZX3htWwa8yEsZ:X6NIIC1wBCgjlm+OmSLMwaJEsZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bbf5681c87be8a19467b46f27974e4a0_exe32.exe

Files

bbf5681c87be8a19467b46f27974e4a0_exe32.exe
.exe windows:4 windows x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ