19fb68bb49e7d7c01bf4bf8dbe61d05f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

19fb68bb49e7d7c01bf4bf8dbe61d05f
Size

7KB
MD5

19fb68bb49e7d7c01bf4bf8dbe61d05f
SHA1

012cf72ef9b6df1277c4f7e70bb7bbea7f38e80e
SHA256

6f8f06ba14cce16993a4bc6ed40bed251061acf5f28ed108d0fb0eaad71ce1f6
SHA512

d17fcdd1bf1e63a01efba38e1e7306ed0cf20f9f75091b7fbbb8841221000845936b1e3e38e30aa837ae1da103db94f3caef6337650422a98af0cfa132d53dd9
SSDEEP

96:6jt9uXEN1sqAnrR1FJaSBQGfxJ2g+cLCFLdxCJ9jf/1p0gahmusNpl:ae0ktLJaSBQGfxYg+6CBuJ9b/1ptus

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19fb68bb49e7d7c01bf4bf8dbe61d05f

Files

19fb68bb49e7d7c01bf4bf8dbe61d05f
.exe windows:4 windows x86 arch:x86

b4fc4eed29b6f5b6a66ed09323533945

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetExitCodeThread
GetFileSize
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
GetVersionExA
GetWindowsDirectoryA
ExitProcess
GlobalFree
GlobalLock
GlobalUnlock
Sleep
TerminateThread
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
DeleteFileA
CreateThread
CreateMutexA
CloseHandle
CreateFileA
CopyFileA
GlobalAlloc

user32

PostMessageA
PostQuitMessage
RegisterClassExA
SetTimer
IsWindow
wsprintfA
CreateWindowExA
DefWindowProcA
GetClassNameA
GetWindowTextA
GetForegroundWindow
DispatchMessageA
GetMessageA

wsock32

WSAStartup
WSACleanup
gethostbyname

shell32

ShellExecuteA

wininet

InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA

advapi32

RegCreateKeyExA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
RegSetValueExA
RegCloseKey

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE