Static task: static1
Behavioral task: behavioral1
Sample: 02b1889a5772c12c2889726d8eef3777.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 02b1889a5772c12c2889726d8eef3777.exe
Resource: win10v2004-20231215-en
General
Target: 02b1889a5772c12c2889726d8eef3777
Size: 293KB
MD5: 02b1889a5772c12c2889726d8eef3777
SHA1: 62dc20aa3bfcbdc6f804721d1b2835783a46d774
SHA256: 31bddde81c74686df138e03b979376d8438e428089304e8964b8ba10d928020d
SHA512: 02e82bfa1601f25b72e22eeec7feb21dfb6c07c8b290201617740710f0b8f04ab4dd5e62807d60aa7875f270b6901940234878b145599b685946b5c1bda36460
SSDEEP: 6144:4pz1Sw14rzgA+6pzCnEElKg8Jt4fArDst43Iu7VRT:iqgA+6pzOEE8CfArDsW3I8R
Malware Config
Signatures
Unsigned PE: 1 IoC
Checks for missing Authenticode signature.
Resource: 02b1889a5772c12c2889726d8eef3777
Files
02b1889a5772c12c2889726d8eef3777.exe windows:4 windows x86 arch:x86
894d582cce628823c6bae33b052b9451
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
RemoveDirectoryA
GetStartupInfoA
GetEnvironmentVariableW
SetConsoleCP
GetFileAttributesA
OpenEventW
WriteConsoleA
CreateFileA
GetCommandLineW
ExitProcess
SetLastError
ClearCommBreak
GetModuleHandleA
DeleteFileA
ResetEvent
GetTickCount
HeapSize
OpenProcess
ReleaseMutex
VirtualAllocEx
SetEvent
user32
GetDC
PeekMessageA
GetCaretPos
DispatchMessageW
GetKeyState
DispatchMessageW
GetClassInfoA
GetSysColor
GetWindowLongA
CallWindowProcW
GetDC
GetCursorInfo
FindWindowA
linkinfo
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
CreateLinkInfoA
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 428KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 287KB - Virtual size: 286KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ