9bb9e5c893224b4e711137ae62efde1a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bb9e5c893224b4e711137ae62efde1a
Size

476KB
MD5

9bb9e5c893224b4e711137ae62efde1a
SHA1

e331e8cc2a323c4f07a362ebdc8a5169ecf7bde6
SHA256

f480aee25148cd9ea2b848641e4780d5f5328803e9a4dbbe3297ac22590dbd4b
SHA512

05c22d8848fda739c0114e07dc9428235a393bc26af4aabb5b64454ce7f566850736f2bb277496c3d44db8e8270e88cebce7f45e642fffb1c975a694882b5966
SSDEEP

12288:wiXY74/RCJcuYb4WoZi+65usolH7ToXs9:w+RVPXo9yAhTX9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bb9e5c893224b4e711137ae62efde1a

Files

9bb9e5c893224b4e711137ae62efde1a
.exe windows:4 windows x86 arch:x86

383a31edde84296857d989438eb7e090

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

ZwOpenSymbolicLinkObject

kernel32

GetVersion
GetSystemDefaultLangID

user32

GetActiveWindow

Sections

.text
Size: 472KB - Virtual size: 476KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 194B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE