588af60bfc224b98ed696320e172500b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

588af60bfc224b98ed696320e172500b
Size

4KB
MD5

588af60bfc224b98ed696320e172500b
SHA1

3720649f96505492e20a66946bfd5f4bd60c3e8c
SHA256

1d188409f34a20943b21299d39c59edda35d55f3f0bb0050be384b17775023b1
SHA512

cd3ffd5091e198bbbfe2ac1304285c4205a7398788ae251a553c5d2ccc0182cd25b781ffe00d1dc58c2e0af8487f9a410ce6f8fdf3cf3d8fc2688306623f99cc
SSDEEP

96:ODDhm7nqmUU30ERTL+2hSZvvCnqB9teJW:A4zG+0MTL1hSZvqqB9th

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
588af60bfc224b98ed696320e172500b

Files

588af60bfc224b98ed696320e172500b
.exe windows:4 windows x86 arch:x86

1dcd9ce2eff0a54feacbfadbe94036c0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

TranslateMessage
SetTimer
RegisterClassExA
PostQuitMessage
KillTimer
GetMessageA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
wsprintfA

kernel32

SystemTimeToFileTime
GetSystemTime
lstrlenA
lstrcpyA
lstrcatA
CloseHandle
CreateFileA
ExitProcess
GetCommandLineA
GetModuleHandleA
GetSystemDirectoryA
ReadFile
WinExec

advapi32

RegCreateKeyExA
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCloseKey

wininet

InternetGetConnectedState

urlmon

URLDownloadToFileA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE