87db2e9c57c29c31fc742dbe400cbabf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87db2e9c57c29c31fc742dbe400cbabf
Size

186KB
MD5

87db2e9c57c29c31fc742dbe400cbabf
SHA1

98174e755fd062bebd5ac0b74a1a01ee9eae02da
SHA256

1a06ce83a8127db746b0895f1324c0f4d4a711a492c56fbfa9095a62b4bdcd04
SHA512

1d64b47fdcbb6fc4413d691c267089afbd5b211411fb153add137e78e5a8f1a82d4b058590e4d67c089d9bbbed6a325c53b504f9fbf09a0ac0585edb8e1bd585
SSDEEP

3072:lQBY+WqZAY4CUz8p8rP9zrI2vGWwzBng9kX97FGkhCbeIX1fooal/8FrE6toJ/:iY+p498sPlr+z9gO/KFlzrE62J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87db2e9c57c29c31fc742dbe400cbabf

Files

87db2e9c57c29c31fc742dbe400cbabf
.exe windows:4 windows x86 arch:x86

c3424b643a1d9e4c5d4ec445d6304c43

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetAtomNameA
GetCommandLineA
InterlockedExchange
GetTickCount
WaitForMultipleObjects
GetStdHandle
WaitForSingleObject
VirtualProtect
CompareFileTime
CloseHandle
GlobalUnlock
GetVersion
GetModuleHandleA
HeapReAlloc
LocalSize
LoadLibraryExA
GetConsoleCP
lstrlenA
HeapCreate
SuspendThread

gdi32

BeginPath
GetFontData
GetTextColor
DeleteDC
EngLineTo
AbortPath
EqualRgn
CreateFontA
DeleteObject
Ellipse
EndPath
GetStringBitmapA
GetMetaFileA
Escape
GetRgnBox
GetMetaRgn
FloodFill
CreateICA
CreatePalette

winmm

PlaySoundA
auxGetVolume
CloseDriver
OpenDriver
auxSetVolume

secur32

AddCredentialsA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 788KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ