89bb44597a289870e1fa3b4c3340c3be | Triage

Sharing

General

Target

89bb44597a289870e1fa3b4c3340c3be
Size

18KB
MD5

89bb44597a289870e1fa3b4c3340c3be
SHA1

17d39c1aa008ad2d3e5634f7e2090f82ebf9454a
SHA256

5dfac7b3d4448d061f1f4f645abb6680f7a1a6b58b90e78b9af852d0fe4ac340
SHA512

a3731f847a13fc86137c5b7f0130c70da63033efbfad9b8c5d99389ae246f39974284ca415ee8f55be0a6f8d08666e2322fc92f8e46530c312e982d05f974d72
SSDEEP

384:FwrdGEqWiLh/6ZMJwnYua/7xhksddjrwIPzzzzzzzzv:SwEqWO2a/7xhkMNPzzzzzzzzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89bb44597a289870e1fa3b4c3340c3be

Files

89bb44597a289870e1fa3b4c3340c3be
.exe windows:4 windows x86 arch:x86

fb71515595f0c83eb5f86288f998721b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapCreate
IsDebuggerPresent
GetModuleHandleA
GetTapeStatus
PeekConsoleInputA
ResumeThread
InterlockedExchange
WaitForSingleObject
GlobalSize
GetSystemTime
VirtualProtect
GetUserDefaultLCID
LoadLibraryExA
FreeConsole
GetCommandLineA
GetACP
HeapDestroy
GlobalMemoryStatus
GetOEMCP
GetTimeFormatA
GetCurrentProcessId

user32

FrameRect
BeginPaint
wsprintfA
GetClassNameA
GetCursorPos
GetFocus
GetTitleBarInfo
GetParent
ReleaseDC
SetForegroundWindow
EndPaint
GetWindow
GetDC
ShowWindow
DrawTextA
DragDetect
FillRect
AnyPopup
CreateIcon

ntshrui

GetLocalPathFromNetResourceA
GetNetResourceFromLocalPathA
IsPathSharedA
SetFolderPermissionsForSharing
IsFolderPrivateForUser

msutb

GetPopupTipbar

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ