Static task: static1
Behavioral task: behavioral1
Sample: f888c1eb93dafe56edf9f87578210530.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: f888c1eb93dafe56edf9f87578210530.exe
Resource: win10v2004-20231215-en
General
Target: f888c1eb93dafe56edf9f87578210530
Size: 8KB
MD5: f888c1eb93dafe56edf9f87578210530
SHA1: 8b506c83769e5563562c9f155ca37d15602437ab
SHA256: 77e6059ec1186edddd62fc93b72bd939f5bc414a8d84082155301bb4e078c59a
SHA512: 3af1d4d8334856228847da6735256175aa308077053077ca6821231174d3e36a0b75e95dedc578d7496bd097a2a92cb9e8b705bc654339272a258390336da016
SSDEEP: 192:f2mrrkqWO4b4Dpp/ncbrGPiCbHG8KDER+yc:eshWJEDp+giC7RKDTB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f888c1eb93dafe56edf9f87578210530
Files
f888c1eb93dafe56edf9f87578210530.exe windows:4 windows x86 arch:x86
9aa746b42854d78e86e48c9791203b01
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
ole32
CoInitialize
CoUninitialize
kernel32
lstrlenA
CloseHandle
CreateFileA
WaitForSingleObject
CreateThread
WriteFile
GetVersionExA
GetLastError
WinExec
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
lstrcatA
lstrcpyA
FreeLibrary
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess
user32
GetMessageA
PostMessageA
wsprintfA
UnregisterHotKey
DispatchMessageA
TranslateMessage
SetWindowTextA
ShowWindow
RegisterHotKey
GetDlgItem
MessageBoxA
CreateDialogParamA
DestroyWindow
ws2_32
gethostbyname
recv
send
WSACleanup
WSAStartup
connect
htons
shutdown
inet_addr
socket
closesocket
advapi32
RegOpenKeyA
RegCloseKey
RegSetValueExA
Sections
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ