9b5dc45666801a6fcef8d386b841bd26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b5dc45666801a6fcef8d386b841bd26
Size

127KB
MD5

9b5dc45666801a6fcef8d386b841bd26
SHA1

0365c5a04235d6cd9dbc19a1371f6c758fc47f25
SHA256

f9c1828158cf54a8352173a39ded01c8b4fa72d82089cd22f47466c676ffe5a0
SHA512

b416ac9803a6bc5bd457774afd010b38e3a6f3e30e85202dedeeda03e950395ada0a98b9ff5241c2e8fdb99ea444c0c80722645ba035e87fe3c8dd7227c12476
SSDEEP

3072:SCX6GqLU28iibd+h8pgWrXfpLecgpSzQ8YdTDY:S433bnNDfRecS8YdT8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b5dc45666801a6fcef8d386b841bd26

Files

9b5dc45666801a6fcef8d386b841bd26
.exe windows:4 windows x86 arch:x86

4b6206cf0accb6be0ba25861c9a17f09

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetShortPathNameA
TlsGetValue
GetUserDefaultLangID
CreateThread
VirtualAlloc
GetProcessHeap
GlobalFindAtomA
GetOEMCP
CreatePipe
GetThreadLocale
SetEvent
GetConsoleCP
CreateMutexA
GetStdHandle
TlsFree
GetModuleHandleA
ReleaseMutex
IsDBCSLeadByte
GetThreadPriority
CompareStringA
GetExitCodeThread

user32

GetWindowTextLengthA
GetSystemMetrics
IsIconic
RegisterClassA
ReleaseDC
GetWindow
GetFocus
GetDC
GetClassNameA
GetActiveWindow
GetForegroundWindow
ValidateRect
GetWindowTextA
InvalidateRect
IsWindowVisible
CloseWindow
GetClassInfoExA
ReleaseDC
ShowWindow

shell32

SHChangeNotify
SHGetFileInfoA
SHGetFolderPathA
SHCreateShellItem
SHBrowseForFolderA

secur32

AcceptSecurityContext

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 33B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ