Static task: static1
Behavioral task: behavioral1
Sample: 97ab87495e9b603995704bd55afe949b.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 97ab87495e9b603995704bd55afe949b.exe
Resource: win10v2004-20231215-en
General
Target: 97ab87495e9b603995704bd55afe949b
Size: 179KB
MD5: 97ab87495e9b603995704bd55afe949b
SHA1: 05478644bb70979dd103b03ba9326887fef077e5
SHA256: 9b3a3e74b4dcb85442d968183af390fff3c407e00b282266822729d56174982d
SHA512: cd6e5e49e458c21dbf88fed93cb4092428234c4f7cb51ef16e77b7c90c467d9cf7eac2a5d6a84e2a1f98bd5b1d77d885585b569e400ecc57a3b706e33ccbdc07
SSDEEP: 3072:BbJQW1bxRxrZRM74qYAhd9MT/a36C5oAPcvHMMEsYMkkMmh5:jh1bdrZi74vAJYK6IoA0zhYRkMK5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 97ab87495e9b603995704bd55afe949b
Files
97ab87495e9b603995704bd55afe949b.exe windows:4 windows x86 arch:x86
cfc187c88049a5dcd40c7d5be5504afe
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SetRectEmpty
GetWindowPlacement
AdjustWindowRectEx
GetClientRect
PostMessageW
InvalidateRect
SetCursor
FillRect
advapi32
RegCreateKeyW
RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegEnumKeyExW
RegSetValueW
msvfw32
ICOpen
ICSendMessage
ICClose
ICDecompress
kernel32
GetLongPathNameW
GlobalFree
UnhandledExceptionFilter
SetThreadContext
GetCurrentProcessId
GetModuleHandleW
EnumResourceTypesW
GetLastError
ExitProcess
GetCurrentThreadId
CreateFileW
GetProcAddress
LoadLibraryW
CloseHandle
GetVersionExW
Sections
.text Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 77KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ