996bade065aca082680bbf77fb5a5c1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

996bade065aca082680bbf77fb5a5c1a
Size

54KB
MD5

996bade065aca082680bbf77fb5a5c1a
SHA1

ff582b447ead9bfa0c65ec88f2809863ab094940
SHA256

1d1165b76b719f1f3b5d22b674904144c0d24654519e8177d3df6497d4a2d264
SHA512

d5419c247dc8771d34714eecad1e72ffae205ba08bc4f2eb820556f7540566c5b9ba7b816c91b0593391af0790d9ada7843b059ebac43a92cd50989d45714ee6
SSDEEP

1536:hxDEl1rcttDQNjCoNxYCykVRyFbReeVs0BHHStgWtp:hxEcfDQNO2xhPMFbRNBHyn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
996bade065aca082680bbf77fb5a5c1a

Files

996bade065aca082680bbf77fb5a5c1a
.exe windows:4 windows x86 arch:x86

ceda8f0022ef6f3399ea9823676f35ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadCursorA
GetCursor
DrawTextW
GetDC
LoadMenuA
EndDialog
CopyRect
DialogBoxParamA

kernel32

GetOEMCP
lstrcpyA
GetStringTypeA
CreateFileA
SetHandleCount
GetFileType
GetStdHandle
GetStartupInfoA
GetVersion
GetModuleFileNameA
lstrcatA
GetACP
GetCommandLineA
GetStringTypeW
LCMapStringW
GetCurrentProcess
LCMapStringA
TerminateProcess
SetFilePointer
lstrcpynA
MultiByteToWideChar
GetCPInfo

comctl32

ImageList_GetIcon
MenuHelp
CreateMappedBitmap
DrawStatusTextW
CreateToolbar
CreateStatusWindow
DrawStatusText
ImageList_EndDrag
ImageList_GetIconSize

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 50KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 1KB

IMAGE_SCN_MEM_READ