9bb2f271f9bae284e61793317f1e7ec8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9bb2f271f9bae284e61793317f1e7ec8
Size

71KB
MD5

9bb2f271f9bae284e61793317f1e7ec8
SHA1

01aff7e3c915497f9876e14bacf113235073bf99
SHA256

3312f31dbf54bf00287d803b86cb7dcadb573d9031cc258546260eb5ed9e7495
SHA512

fd0f8ea6173ee1391d46520472f4214a63d868ce7050dcb4e66d3cdc6b4ebfdc3d3789a6a346e00cb1ff5309b6442178915258a8185d172c1b95dca8cb512f96
SSDEEP

768:x+8hbSVZgVrvgX//z/77Xhypj92wdqTcQ3T75NQaa/Sj7YxvMDAwdoTmz:/2wkXgj9C3TdNQ+gxqToTmz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9bb2f271f9bae284e61793317f1e7ec8

Files

9bb2f271f9bae284e61793317f1e7ec8
.exe windows:4 windows x86 arch:x86

ed793dbdeeb510d6032d9b8268eb8384

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CreateProcessA
lstrcatA
GetWindowsDirectoryA
GetProcAddress
WriteProcessMemory
VirtualProtectEx
VirtualQueryEx
VirtualAllocEx
VirtualFreeEx
GetModuleHandleA
CompareStringA
lstrcmpA
ReadFile
CreateFileA
GetCurrentDirectoryA
CopyFileA
GetCurrentProcess
GetModuleFileNameA
CreateDirectoryA
FindClose
FindNextFileA
DeleteFileA
FindFirstFileA
GetEnvironmentVariableA
FreeLibrary
LoadLibraryA
WriteFile
GetTickCount
GetVersion
ExitProcess
TerminateProcess
OpenProcess
WinExec
CloseHandle
GetLastError
HeapFree
GetProcessHeap
lstrlenA
HeapAlloc

user32

RegisterClassA
LoadCursorA
PostThreadMessageA
GetWindowThreadProcessId
FindWindowA
PostQuitMessage
DefWindowProcA
CreateWindowExA
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA
wsprintfA

advapi32

AdjustTokenPrivileges
OpenProcessToken
IsValidAcl
InitializeAcl
LookupPrivilegeValueA

ws2_32

WSACleanup
WSAStartup

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE