990fd00f83ccb8e85cd4101eb2d0dbf5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

990fd00f83ccb8e85cd4101eb2d0dbf5
Size

244KB
MD5

990fd00f83ccb8e85cd4101eb2d0dbf5
SHA1

cf193bd9874164596246d3deb9d14e6d2b606e8a
SHA256

7de4955c8b2b68b0718337798920643e7831772f57e262e17f34663fc9b0a716
SHA512

461db92d7c604fa4da60b705b23582d4f29fc0d2235cad9a5a69138b57feb5e202d0ca841973bf5c29848840817464ce9aa013afb2f6d23e76f93a3bd284f238
SSDEEP

6144:LzP07UakKjqHGkPe8bbGGRfOsHByhXSXajKjV00jC364lkHb2B:HTakKmHPbzmOByIqex0M4RkHKB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
990fd00f83ccb8e85cd4101eb2d0dbf5

Files

990fd00f83ccb8e85cd4101eb2d0dbf5
.exe windows:4 windows x86 arch:x86

31667fa65e5a5a87d824c67713a2a01e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
VirtualAlloc
TlsGetValue
GetLogicalDrives
GetSystemDefaultLangID
GetModuleHandleW
GetModuleFileNameA
TlsSetValue
FreeLibrary
GetCurrentThread
GetACP
TlsFree
GetCommandLineA
IsDBCSLeadByte
GetCurrentThreadId
GetDriveTypeW
Sleep
GetCurrentProcessId
lstrcmpA
GetCurrentProcess
lstrcatA

user32

GetWindowTextLengthA
ShowWindow
GetSystemMetrics
RegisterClassA
GetDC
GetActiveWindow
GetWindow
GetWindowLongA
GetForegroundWindow
GetClassLongA
GetWindowDC
GetWindowTextA
ReleaseDC
IsIconic
GetFocus
CreateWindowExA
IsWindowVisible
BeginPaint
UpdateWindow

advapi32

RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameA
IsTextUnicode

version

VerQueryValueA
VerLanguageNameA
GetFileVersionInfoSizeA
GetFileVersionInfoA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 596KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ