97b5d14798d00db5bcdd01fc233116c4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

97b5d14798d00db5bcdd01fc233116c4
Size

24KB
MD5

97b5d14798d00db5bcdd01fc233116c4
SHA1

e788137fb3db29e2b80632802f716916c45f2f05
SHA256

d536ff2473832e7892b8b57f60374cb654a737ef14b7c118563a8b7d57c725aa
SHA512

81a9b1251d93b3453437da42bee454cb7c6b08fe3e501404cb90c18e51a09aa536a69334ec7537b5e69394625f668a451f8ed362c1e283044ad505400d8609f7
SSDEEP

96:bqXF0QvTnQ6gUJzOiF5EFE7vp0W6sz2HwL9yRNrcuBDRUobHSImb/8I0P0s2bpZ:bqaQvUqFlFWi7csAwL9yLHpWJhPpZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97b5d14798d00db5bcdd01fc233116c4

Files

97b5d14798d00db5bcdd01fc233116c4
.exe windows:4 windows x86 arch:x86

a1bc58bac4b6994ce7bc84ec4e65ad26

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

strcat
strlen

urlmon

URLDownloadToFileA

kernel32

GetProcAddress
HeapAlloc
GetCommandLineA
GetProcessHeap
TerminateProcess
OpenProcess
GetCurrentProcessId
CreateProcessA
CloseHandle
WriteFile
CreateFileA
FreeLibrary
DeleteFileA
ExitProcess
GetModuleHandleA
GetVersion
GetModuleFileNameA
GetStartupInfoA
LoadLibraryA
GetTickCount
GetTempPathA
ReadFile
SetFilePointer
GetFileSize

user32

wvsprintfA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE