097d2b5fb6373116549e11a0732e7188 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

097d2b5fb6373116549e11a0732e7188
Size

61KB
MD5

097d2b5fb6373116549e11a0732e7188
SHA1

a2e51022e28b2e1cfa2f50604d18be5ffc1c4d8e
SHA256

005fa15d678dbc9a2cb4e3cc31bbefd13fcd469fbd9a2ede5ca298552562b659
SHA512

62e64a57f4081b12ab5d5805fc1f2b52e8341ab9973116178bcbb850a5529bdeabadf224f2c7d3e9b980d94536265730b509e3c280bfabd830c81206206c5e49
SSDEEP

768:EX5FTnzmnKrlK5rdLvS5tk1KzxBOMYCzKFOx1fbWmRkiqT498cm:EXvZU5rdLvSDzxAMOa9P9G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
097d2b5fb6373116549e11a0732e7188

Files

097d2b5fb6373116549e11a0732e7188
.exe windows:4 windows x86 arch:x86

a2664d7b4222cdc92ffa02f912fd462f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetExitCodeProcess
GetFileTime
WriteFile
DeleteFileA
CloseHandle
CloseHandle
lstrlenA
FindClose
GetModuleHandleA
GetStartupInfoA
GetModuleFileNameW
DeviceIoControl
Sleep
HeapCreate
GetDriveTypeW
GlobalSize
GetCommandLineA
GetTickCount
GetConsoleTitleW
GlobalFlags

user32

GetParent
SetFocus
DispatchMessageA
CallWindowProcW
DrawTextW
IsZoomed
BeginPaint
FillRect
DestroyWindow
DispatchMessageA
LoadImageA
GetWindowLongW
PeekMessageA

hhsetup

??0CFolder@@QAE@XZ
??0CFolder@@QAE@XZ
??0CFolder@@QAE@XZ
??0CFolder@@QAE@XZ

wininet

FtpCommandA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE