b661fb20d4eef02dc8852f6df4732997 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b661fb20d4eef02dc8852f6df4732997
Size

16KB
MD5

b661fb20d4eef02dc8852f6df4732997
SHA1

5046048c531c04e9862b2e018946be17fb7d70da
SHA256

c6ee5dfa39e777cadc4852484edf88aa69e0b973101259c8687fde7b19d6ef2b
SHA512

9f554827a74323ca8d1d90da074f1ba80ffe6ebeba686e5d781b7581fc052f9a52d2466bceafd93c3c41a469502c89bff05b40392e026ba2ea720296888b15d8
SSDEEP

192:7BxQfsWr2OUZ6xCsGdFwInWxloMnSHwgGuI55/T+flUDRpUXp:NWsWKOKdGInYJSHyf57+flOpop

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b661fb20d4eef02dc8852f6df4732997

Files

b661fb20d4eef02dc8852f6df4732997
.exe windows:4 windows x86 arch:x86

5d7f04b1045224f8801d147a87132f91

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
GetVersionExA
CloseHandle
CreateThread
lstrcpyA
ExitProcess
lstrlenA
SleepEx
GetTickCount
GetCommandLineA
Sleep
lstrcatA
GetEnvironmentVariableA
GetShortPathNameA
GetStartupInfoA

user32

MessageBoxA

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 956B - Virtual size: 956B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE