88cbb6e41b469639e06eaf1241b5bf2c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

88cbb6e41b469639e06eaf1241b5bf2c
Size

224KB
MD5

88cbb6e41b469639e06eaf1241b5bf2c
SHA1

a8ab2117d42579bf4da4af790fc911a1e9dc8619
SHA256

2bd49bc25c1c38f55cbdaada6fc964b06e6b4d7ebf714bf7d528c9187562b752
SHA512

e223c3d87f746348e6ea00acdfb40497b8268806333d4b0d8432e0576d60204ae563ca7d1889dec998fd5d4d118ad72e8af70a291b356ec507e0de06971571ad
SSDEEP

6144:G7d7s/y1bN/FZqDjBtLU7xXIJo0LG0XG+FUNa/c5TM:G77SDjTsZIW0dxUNVx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
88cbb6e41b469639e06eaf1241b5bf2c

Files

88cbb6e41b469639e06eaf1241b5bf2c
.exe windows:4 windows x86 arch:x86

776a02940cf16cc4780b76bd7063539d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrA
GlobalUnfix
ClearCommError
HeapDestroy
IsDebuggerPresent
SetSystemTime
VirtualAlloc
GetProcessVersion
CancelTimerQueueTimer
GetConsoleCommandHistoryLengthA
ChangeTimerQueueTimer
IsBadHugeWritePtr
IsBadWritePtr
OpenSemaphoreA
HeapWalk
GetComputerNameA
CloseHandle
MoveFileWithProgressA
GetModuleFileNameA
SetConsoleCursorPosition
DebugBreak
GlobalDeleteAtom
OpenEventA
GetProcessWorkingSetSize
AllocConsole
GetPrivateProfileStringA
SetCommConfig
PeekConsoleInputA

tapi32

lineAddProvider

Exports

Exports

CloseIbwpsrdkv
Jqbaligflti
Cdmgdhij
Tvdocckvwc
WriteCdkpanq
Vkrjxjyhfq

Sections

.itext
Size: - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 80KB - Virtual size: 740KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 108KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ