9b98d7ceaef40b6fca8f9210b911003b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9b98d7ceaef40b6fca8f9210b911003b
Size

7KB
MD5

9b98d7ceaef40b6fca8f9210b911003b
SHA1

8ccbe6b5c462801b74c430698088bf8c81ff2eca
SHA256

0141a201d2cab935064505e351685587c8ba2daac0a45d12dc7c5c508ca55955
SHA512

65cb12eac548ca51081d762555f1494cdea8f83976209a17d09346f0448dabddb6d6512db5fe091a23f0b4c563f5c20e6b73ae07a9bb65be5ad93cc10cedf038
SSDEEP

192:MiZGiZqqWi4b4tpR/naytQt28wKDER+yc:MiYi9WlEtp9xtEqKDTB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b98d7ceaef40b6fca8f9210b911003b

Files

9b98d7ceaef40b6fca8f9210b911003b
.exe windows:4 windows x86 arch:x86

df07e1a378b9f8d4791097884d34224d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoInitializeEx
CoUninitialize

kernel32

WriteFile
lstrlenA
WaitForSingleObject
CloseHandle
CreateFileA
GetVersionExA
FreeLibrary
CreateThread
GetProcAddress
LoadLibraryA
GetSystemDirectoryA
lstrcatA
lstrcpyA
WinExec
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ExitProcess

user32

GetMessageA
PostMessageA
SetWindowTextA
UnregisterHotKey
DispatchMessageA
TranslateMessage
wsprintfA
ShowWindow
RegisterHotKey
GetDlgItem
CreateDialogParamA
DestroyWindow

ws2_32

send
connect
htons
gethostbyname
inet_addr
socket
recv
WSAStartup
closesocket
WSACleanup

advapi32

RegOpenKeyA
RegSetValueExA
RegCloseKey

Sections

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ