Static task: static1
Behavioral task: behavioral1
Sample: 787bbcf54f970ee3aa89665f28414fab.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 787bbcf54f970ee3aa89665f28414fab.exe
Resource: win10v2004-20231215-en
General
Target: 787bbcf54f970ee3aa89665f28414fab
Size: 6KB
MD5: 787bbcf54f970ee3aa89665f28414fab
SHA1: 7c7c4d532fa7b79ffe3815d2873dd19dfb9deece
SHA256: 71f8df4614967d232371922cc9135c81a9c5da42f29f2d54c65fe0ea3dac06e1
SHA512: 4ba324f14227bca61ed6741379dc3f79dc04b39013f6bd5d5852008647c25b9bce917d5733f0956b8b022e40cf1f3b4408541b14186030a90b8bb6ca99870b4c
SSDEEP: 96:v15h4KSE7+9dmlK8LlB7lSidEdZnMzYsmzwilGvAj3/uzMJcnfWQGLBt:v1cK3+flkMrnnMsF/lz3//cnQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 787bbcf54f970ee3aa89665f28414fab
Files
787bbcf54f970ee3aa89665f28414fab.exe windows:4 windows x86 arch:x86
8f20bd302dd1709dbaa791841ac96123
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
wsprintfA
kernel32
CloseHandle
CreateFileA
CreateProcessA
DeleteFileA
ExitProcess
FindClose
FindFirstFileA
GetModuleFileNameA
GetProcessHeap
GetShortPathNameA
GetSystemTime
GetLastError
GetVersion
GetVersionExA
GetWindowsDirectoryA
HeapAlloc
HeapFree
Sleep
SystemTimeToFileTime
CreateMutexA
lstrcatA
lstrcpyA
lstrlenA
GetTempPathA
WriteFile
GetEnvironmentVariableA
advapi32
GetUserNameA
shell32
ShellExecuteA
wininet
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetCloseHandle
InternetConnectA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
Sections
.text Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE