Static task
static1
Behavioral task
behavioral1
Sample
1ab6bba6cdba5357d31c43076f713836.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1ab6bba6cdba5357d31c43076f713836.exe
Resource
win10v2004-20231215-en
General
Target
1ab6bba6cdba5357d31c43076f713836
Size
21KB
MD5
1ab6bba6cdba5357d31c43076f713836
SHA1
d37c9d2cd57653ef66a9b678a65a4b046a3ad063
SHA256
bdd9109ff990be204350513d1149b3b037d529f090c6b217a857b95ff48adcc0
SHA512
ed81e0a3265a6c43770d98311b76ce168206daf0b1c37422faf601d520a133b6a5c7d07e0d4d4e05cf829dbffecc46e653660299b8876496977c65063b470b64
SSDEEP
384:s7Dy60AkpNCoUtMncVgMbEF8IWOiChglJgTxSYI+F:s7w8HtMcVgT8Oirqp
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1ab6bba6cdba5357d31c43076f713836
Files
1ab6bba6cdba5357d31c43076f713836.exe windows:4 windows x86 arch:x86
7845f41870bd7c78f622c86f1814d530
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteFileW
CloseHandle
WriteFile
CreateFileW
GlobalAlloc
Sleep
GetTickCount
ReadFile
GetFileSize
WinExec
GetFileAttributesW
GetLastError
CreateMutexW
GetStartupInfoA
GetModuleHandleA
user32
ShowWindow
wsprintfW
SendMessageW
MessageBoxW
PostMessageW
FindWindowExW
FindWindowW
shell32
ShellExecuteW
iphlpapi
GetAdaptersInfo
ws2_32
inet_addr
wininet
InternetReadFile
InternetCloseHandle
InternetOpenW
InternetOpenUrlW
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
_XcptFilter
_exit
setlocale
exit
wcscmp
memset
wcscat
mbstowcs
strlen
memcpy
??2@YAPAXI@Z
??3@YAXPAX@Z
wcslen
wcscpy
wcsstr
printf
wcsncat
wcsncpy
_wcslwr
Sections
.data Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE