200490b96600b169d01641bd3b6d6dc6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

200490b96600b169d01641bd3b6d6dc6
Size

38KB
MD5

200490b96600b169d01641bd3b6d6dc6
SHA1

faa3d7d0955a059f12847902da7b2cd85c8b6f19
SHA256

b0499dfdaf06d6ed0f009c10ba2367077303f6e96128c8a01ce0b0f27a0ad555
SHA512

96bbf064172f4e29186a8abcd48340bf7b3fa21536676d0241b9913f546484fbe1599233c56b93b70d02ed753ca49acc46fbda3d758a21b0d82b84ab44687a6a
SSDEEP

768:94MX2Tc/aNGwYIkF8GUO4HKK7oZGofJkizbTh9I:WMiMa8wk+pzHNoZGoaMh9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
200490b96600b169d01641bd3b6d6dc6

Files

200490b96600b169d01641bd3b6d6dc6
.exe windows:4 windows x86 arch:x86

a13ee2bd542e30b8d805240c3433d2bd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32.dll.

CloseHandle
WriteFile
CreateFileA
DeleteFileA
lstrcpyA
lstrlenA
GetTempFileNameA
GetTempPathA
GlobalAlloc
ExitProcess
GetCommandLineA
GetModuleHandleA

shell32.dll.

ShellExecuteA

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ