020bffc2641e69fedf1035593b90af99 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

020bffc2641e69fedf1035593b90af99
Size

172KB
MD5

020bffc2641e69fedf1035593b90af99
SHA1

c2d88cc52a3086243c7afc9146ad7c3c08ce9b00
SHA256

3d86f0a6b11ebb5c1aa490a1bfe546a570f5c2b304642b1585c0f58c2837255f
SHA512

98ca2021cbce9b7b497c41c6f2ebf48e648178d3bbab6c7f7c29a59212ed7a6eee1c335e3c73c49de01f8e65c61eebd12e2455eecceed645b7159c5b03b5867d
SSDEEP

3072:trUqdgaP2McXRytCwsD8BRvGNBiJgCRI3XSZGNtOZZatjTSGO31qDjEHqgvFB3hY:pUqmiERdD6RosknShs7OjvFRC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
020bffc2641e69fedf1035593b90af99

Files

020bffc2641e69fedf1035593b90af99
.exe windows:5 windows x86 arch:x86

e57da2e677fc67c182b44948e99e7c71

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDlgItemTextW
DestroyAcceleratorTable
GetWindowLongW
EndPaint
IsWindowVisible
GetShellWindow
LoadBitmapA
GetClassInfoExA
GetUpdateRgn
GetTopWindow
LoadIconA
PtInRect
LoadImageW
LoadStringA

gdi32

StartDocW
GetViewportOrgEx
GetDIBits
GetTextMetricsA
GetTextExtentPoint32A
CreateFontW

kernel32

ExitProcess
HeapUnlock
Sleep
SetThreadExecutionState
SetCurrentDirectoryW
GlobalReAlloc
SetFilePointer

comctl32

InitCommonControlsEx
ImageList_GetImageCount
DestroyPropertySheetPage
CreateStatusWindowW

msvcrt

exit

shlwapi

StrChrIA
ChrCmpIA
StrCmpNIA

Exports

Exports

?qehaA__Dj@@YGPAI_N@Z
?VOl_blPZRK_@@YGFNG@Z
?cbloSm__bsezb_qCX_@@YGXE@Z
?c__LQU_Lb_f_f_qFT_CWY@@YGKN@Z
?BNMiorysJQUNjfnqYO@@YGKDD@Z

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 150KB - Virtual size: 310KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ