b662a169d49a61c00f8c7914d3e59fb4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b662a169d49a61c00f8c7914d3e59fb4
Size

18KB
MD5

b662a169d49a61c00f8c7914d3e59fb4
SHA1

edc1cdf0806012e8889293051bb67a0368a0942c
SHA256

8f7359e0d2cada4ba7b98c35b55cdbc57dc4ccdc18e70352524f34ddfae85d87
SHA512

6c4209f54b4f35c161aa0a4855a46976e0e999e469921e83258b9134b486002449a569238123a9b4d7e54ee3d1aaa4ff02b35d719006b0bc8e8278c323e0b4f3
SSDEEP

192:6Xz88QRJtEwa+2icfikDJrvOlQl9vFSdsO7H8TNZAn3yCZ1eZAOJhQPzP3uRohhY:u7Zftfik9OKDtCsOgzAn3DOA6hQPzG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b662a169d49a61c00f8c7914d3e59fb4

Files

b662a169d49a61c00f8c7914d3e59fb4
.exe windows:4 windows x86 arch:x86

d3456348bdd29bde49ce0444b6d18bf2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
TlsGetValue
FindAtomA
GetVersion
WaitForSingleObject
HeapReAlloc
GetStdHandle
GetModuleHandleA
GetProfileIntA
GetTickCount
InterlockedExchange
GetConsoleCP
lstrlenA
CompareFileTime
TlsFree
HeapWalk
CloseHandle
GetAtomNameA
LoadLibraryA
GlobalUnlock
GetACP

user32

SubtractRect
DestroyMenu
CopyRect
PostMessageA
DispatchMessageA
DialogBoxParamA
TranslateMessage
GetMenuStringA
PaintDesktop
EnableScrollBar
GetKeyboardLayout
LoadIconA
SetPropA
GetWindowTextA
SetWindowPos
GetDlgItem
CreateCaret
ModifyMenuA
InflateRect
InsertMenuA
GetMenu
ShowWindow
GetSubMenu
UpdateWindow
GetScrollRange
EqualRect
PostQuitMessage
MessageBoxA

msi

MsiCloseHandle
MsiEnumClientsA
MsiDoActionA
MsiEnumProductsA
MsiGetMode

uxtheme

GetThemeBool

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ