9b8a6018a100b9ccee0d1d2dd3ad19e3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b8a6018a100b9ccee0d1d2dd3ad19e3
Size

24KB
MD5

9b8a6018a100b9ccee0d1d2dd3ad19e3
SHA1

f8f20eac781f86c2ba38cb6d5addcadeccc437ce
SHA256

a43c5b4b62d1472ccd270a97cc09b529a9a4e11d8113bfaa27eed58f4a565846
SHA512

682def8a61387f07347eb0e0081d33bd2f980de269f475e81c8e73afa00250d82c6e21016e459ca2311cb0744d9e24e97d3531b2503bba90ce0e04bd9186f113
SSDEEP

384:i7qwu7iJsKEKM9uLjzWXH8Bkvbo38GhjBs6S37/+XWF+8gJPFW2sN+iy:Yqwu7iJJhM9uy8BIaBJA72b8gJPNsQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b8a6018a100b9ccee0d1d2dd3ad19e3

Files

9b8a6018a100b9ccee0d1d2dd3ad19e3
.exe windows:4 windows x86 arch:x86

f0dbc6ec848d323db7e13113deed315f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
lstrlenA
GetSystemDefaultLangID
CopyFileA
GetModuleFileNameA
CloseHandle
WriteFile
CreateFileA
SetCurrentDirectoryA
Sleep
FreeLibrary
GetProcAddress
LoadLibraryA
FindNextFileA
GetFileSize
FindFirstFileA
GetTickCount
DeleteFileA
ExitProcess
GetLastError
CreateMutexA
GlobalFree
GlobalUnlock
SetFilePointer
GlobalLock
GlobalAlloc
WinExec
Process32Next
TerminateProcess
OpenProcess
Process32First
CreateToolhelp32Snapshot
lstrcpyA
GetWindowsDirectoryA
lstrcatA
CreateDirectoryA
ReadFile
lstrcmpA

user32

wsprintfA
MessageBoxA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegEnumValueA
RegSetValueExA

ws2_32

WSAStartup
htons
send
closesocket
listen
accept
recv
socket
gethostname
gethostbyname
WSACleanup
bind

wininet

InternetCloseHandle
InternetOpenA
InternetOpenUrlA
InternetReadFile

msvcrt

rand
srand
time

Sections

.data
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ