b66c7aba5c7e4e45a29959a4d04ecb1e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b66c7aba5c7e4e45a29959a4d04ecb1e
Size

186KB
MD5

b66c7aba5c7e4e45a29959a4d04ecb1e
SHA1

05380c9d3920c2390ce16911cc51d94843398147
SHA256

7983631cc920c360aa33624e429696d8280679451d8aa440dc62a9970df6826f
SHA512

25c5efe4ef8205264a99e95d22d8a7b24caee487cde514b9f4041722a426be0c0db7dd704006e213b1e608fdd01475b274f784b8e3c21692bc10254b109ea2be
SSDEEP

3072:+8tXE6nVZ6B2rXuaSBGO26Kp4vo03hcoURM72i1JzRHY9Kgt4HfwTAbt0M:+8Bf68rxJ6+0H3pURI2OJzR49TM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b66c7aba5c7e4e45a29959a4d04ecb1e

Files

b66c7aba5c7e4e45a29959a4d04ecb1e
.exe windows:4 windows x86 arch:x86

e7666ebeff400ca9623d9eac98f81f82

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetProcessPriorityBoost
ReadFile
CreateFileW
InterlockedDecrement
DeleteCriticalSection
GetModuleFileNameW
CreateEventW
EnumResourceTypesA
Sleep
GlobalAlloc
WriteFile
TerminateThread
GetStdHandle
CreateProcessW
GlobalLock
GlobalUnlock

imm32

ImmAssociateContext

ole32

GetHGlobalFromILockBytes
CoTaskMemFree
StringFromGUID2

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 652B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ