b439476718bba80ea91c0dfc808b8da7 | Triage

Sharing

General

Target

b439476718bba80ea91c0dfc808b8da7
Size

172KB
MD5

b439476718bba80ea91c0dfc808b8da7
SHA1

22b0d848ae59625f2a680aed1c92713a351540d8
SHA256

9f3f80a3730a644cdbdceba0cc0ba5910d57d2ddc4d1314a09275c9775e71212
SHA512

aafaa3585556d06e2028b1d96f16423ac9a5eb1a5dbe5f26b24cd437eddb64759a6ab783e78f0375906e649411af999ea7d9c0c54bc854b127fb96d190a27237
SSDEEP

3072:DRysv8zjKxVCOLkg/l/LjNHtNktgXAjmsl/7HG5XIYitvC:83jK7COLkK/LRtNkqXOl/q5j8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b439476718bba80ea91c0dfc808b8da7

Files

b439476718bba80ea91c0dfc808b8da7
.exe windows:4 windows x86 arch:x86

208e8503feae2a82d0cb8db2d8f8f4a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__setusermatherr
_ismbblead
_XcptFilter
_cexit
_acmdln
_vsnprintf
__p__fmode
_exit
_initterm
?terminate@@YAXXZ
__set_app_type
exit
_vsnwprintf
_amsg_exit
__p__commode
memset
__getmainargs
_controlfp

setupapi

CM_Get_Depth
CMP_WaitNoPendingInstallEvents
SetupDiGetDeviceRegistryPropertyW
CM_Get_DevNode_Status

kernel32

SetUnhandledExceptionFilter
TlsAlloc
AddAtomW
GetCommandLineA
GetDiskFreeSpaceA
DeviceIoControl
HeapAlloc
GetStdHandle
HeapFree
GetSystemTimeAsFileTime
GetStartupInfoA
GetLocalTime
GetCurrentProcess
TlsSetValue
GetModuleHandleW
GetVersion
GetProcessHeap
EnumResourceNamesA
TlsGetValue
GetTickCount
SetLastError
RtlUnwind
GetCurrentProcessId
CloseHandle
SetHandleCount
GetComputerNameA
TerminateProcess
GetVersionExA
OutputDebugStringW
QueryPerformanceCounter
GetFileType
GlobalMemoryStatus
GetCurrentThread
TlsFree
RaiseException
GetModuleFileNameA
InterlockedExchange

Sections

.text
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ