ffb95cebcc9d35f8c0b9b89eb73d243e | Triage

Sharing

General

Target

ffb95cebcc9d35f8c0b9b89eb73d243e
Size

131KB
MD5

ffb95cebcc9d35f8c0b9b89eb73d243e
SHA1

b0fe658ce1b75697ebac3962f485d88e75d66a2a
SHA256

9d746da656bfd3342e1915c0f9c6e0911d975930cb6d2066aeee860b3e8df02b
SHA512

05bc78e24b71c819d02a99b868772323fd932f7aca9dbc0b872d86d81f2b6f6b7b4c4c280ea485928a9ecff3e0a100a623f490dbcc2ccf0ddad4768532c60a73
SSDEEP

3072:L7okObveISW9HF8hDXT3AnuB61Vbsdka+jR:v7Oje638lkuB618+j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffb95cebcc9d35f8c0b9b89eb73d243e

Files

ffb95cebcc9d35f8c0b9b89eb73d243e
.exe windows:4 windows x86 arch:x86

ee95db37074c842d63ce038f6da8a24b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CharToOemA
CharNextA
GetSysColorBrush
GetMenu
CharLowerBuffA
CharNextW
CharUpperBuffA
IsChild
CheckMenuItem

kernel32

LocalAlloc
lstrlenW
GetCurrentThread
lstrlenA
IsBadReadPtr
VirtualAllocEx
GetCommandLineW
LoadLibraryA
ExitProcess

msvcrt

memcpy
atol
malloc
wcscspn
_acmdln
sqrt
exit
mbstowcs

version

GetFileVersionInfoSizeA
VerQueryValueA

gdi32

CreateCompatibleBitmap
GetBkColor
RestoreDC
GetCurrentPositionEx
SelectObject
CreateBitmap
GetRgnBox
CopyEnhMetaFileA

Exports

Exports

DelB3TUcZQErv
_3JpOzQPU3@4
KDJgC5

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 114KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ