9b639c657f364246aa4c5e7299101f42 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b639c657f364246aa4c5e7299101f42
Size

108KB
MD5

9b639c657f364246aa4c5e7299101f42
SHA1

eabdd9598f060b1630292f7cdfbdc3b538325dd4
SHA256

e2eaf024f47acd8c193507d36dd6da0008f45a5d51fbf4988a450e95c67b6515
SHA512

81e5dd2ec1bb1af424de8b9be5ecd8c2f2dca9e4c7b99daa5a986e9a16029f74c34d810a36842c1e1f266bb151259816020615cfb9e1aac9ac9a0ad1450095f3
SSDEEP

3072:9BOrl9smStUveZFN2VYFyeccFHUcDgiFMUJjTJ:/OrsmqZWKVD9zDv/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b639c657f364246aa4c5e7299101f42

Files

9b639c657f364246aa4c5e7299101f42
.exe windows:5 windows x86 arch:x86

addd8f97ca58b9cd0d96bc79d71da72b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetObjectA
SetStretchBltMode
SaveDC
GetStockObject
CreateCompatibleDC
CreatePalette
RestoreDC
LineTo
DeleteDC
GetDeviceCaps
GetPixel
CreateSolidBrush
DeleteObject
SetTextColor
CreateFontIndirectA
GetTextMetricsA
SelectPalette
SelectObject
RectVisible
SetTextAlign
GetClipBox

user32

GetSystemMetrics
GetDesktopWindow
CharNextA
GetParent
GetDC
TranslateMessage

kernel32

GetCommandLineA
lstrcmpiA
VirtualAlloc
GetSystemTime
lstrcmpA
DeleteFileA
GetWindowsDirectoryA
VirtualFree
lstrcmpiW
GetModuleHandleA
CopyFileA
QueryPerformanceCounter
lstrlenW
RemoveDirectoryW
FindClose
GlobalFindAtomA
RemoveDirectoryA
lstrlenA

glu32

gluNurbsCallback

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ