9b9c85af9089d3de7becd8c764d17568 | Triage

Sharing

General

Target

9b9c85af9089d3de7becd8c764d17568
Size

742KB
MD5

9b9c85af9089d3de7becd8c764d17568
SHA1

b034654c61956691ac8e6d22a92b5889c9e086b7
SHA256

8d37081822d62b17113cfd700e57438da13292a0551fcf6cdfa23345f7ffd6e8
SHA512

1fbd2f2a8c567fdcb040b9fbf8d19b5f221b9ff89073457bcf6ebb8e371736de7728baa401218ef0d561e4aea2baaa17053ed01b4135c4c397838ba4a7f274d4
SSDEEP

12288:qg/qYDeleVasew/DVT9F0Sb80Whv1yFm/5gxzEEOspWqNVMGh9wOrOSITa2PXvtY:qElelQze29F0b4Fmaz1ZWkC3OlwPXv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b9c85af9089d3de7becd8c764d17568

Files

9b9c85af9089d3de7becd8c764d17568
.exe windows:4 windows x86 arch:x86

d162d95fb9533b208f056f88632b1b14

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEvent
GlobalFlags
PulseEvent
AddAtomA
CloseHandle
LoadLibraryW
VirtualProtect
FindResourceExA
GetModuleHandleA
TlsFree
GetLocalTime
GetACP
GetSystemTime
GetVersion
ExitProcess
HeapReAlloc
FreeConsole
InterlockedExchange
lstrlenA
GetBinaryTypeA
GetTickCount

user32

GetParent
InsertMenuA
ModifyMenuA
PostQuitMessage
PostMessageA
SetPropA
TranslateMessage
DialogBoxParamA
UpdateWindow
CopyRect
ScrollDC
GetScrollRange
LoadIconA
GetDlgItem
SetWindowPos
DestroyMenu
PrintWindow
ShowWindow
GetWindowTextA
InflateRect
MessageBoxA
GetKeyboardLayout
EqualRect
GetSubMenu
GetMenuStringA
GetWindowLongA
EnableScrollBar
DispatchMessageA
GetMenu

shlwapi

UrlHashA
StrTrimA
StrToIntA
UrlCombineA
StrToIntExA

clbcatq

CoRegCleanup

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ