97b9c1f206593fddce604ba5d5953748 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97b9c1f206593fddce604ba5d5953748
Size

454KB
MD5

97b9c1f206593fddce604ba5d5953748
SHA1

b5a0432cfc9e64ca870d06e9ed2bacccc1e23d8d
SHA256

8e05213e2182461ab0404e885839c738d1895e6ebe1729de606457a449a8ba31
SHA512

6c40ccb137e9136b1d9d8ff68c4e2351e6bcea5331f2ab166171376374e09c36b22cab74f5f97270cee044ba8370d36e9ca4c2cd635989ab00a33f06b2bc9abc
SSDEEP

12288:YCgCqWBN6dxtjMdsTJNR7sO8DDv3umD0dv8z:Yar6/SdsTJNRITH+U0d+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97b9c1f206593fddce604ba5d5953748

Files

97b9c1f206593fddce604ba5d5953748
.exe windows:4 windows x86 arch:x86

e76e1acf479715821ad0ad8184bed0c5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentDirectoryA
GetVersion
SetEndOfFile
GetEnvironmentVariableA
SetLastError
GetStdHandle
SetLastError
ExitProcess
WaitForSingleObject
FindAtomW
DeleteFileA
EnterCriticalSection
GetFileSize
GetFileAttributesA
CloseHandle
GetCommandLineA
SetFileAttributesA
ResumeThread
DeleteAtom
CreateFileA
GetExitCodeThread
VirtualAlloc
IsBadReadPtr
GetModuleHandleA
HeapSize

shell32

DragAcceptFiles
ExtractIconA
DllUnregisterServer
DragQueryFileA
SHGetMalloc
DragFinish
SHGetSettings
SHFree
ShellAboutA
StrChrA
DuplicateIcon
ShellMessageBoxA
SHFree

uniplat

UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize
UmPlatformInitialize

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 600KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 447KB - Virtual size: 446KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ