b664a8318472f9cdaf1e6d0bfdc7fc54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b664a8318472f9cdaf1e6d0bfdc7fc54
Size

812KB
MD5

b664a8318472f9cdaf1e6d0bfdc7fc54
SHA1

68489b17f907905f081b5ba8f6381c6908999652
SHA256

2c081f3caf212589c661b7367489bf3466e92ce61cb4db2cdb9c33e060a08dbf
SHA512

ba4b0816edbd1c7f222e81b9418938e94779af2d5d1a216d37f18fc1c361796285362f3885331ccd54c0e21061265641ea826ec9c5067cf940c25ab82de94f61
SSDEEP

24576:8wzZWw4/2Q2pxrIChiRvsP6HlcZowjjMU:qw9jpxUV6yHQoA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b664a8318472f9cdaf1e6d0bfdc7fc54

Files

b664a8318472f9cdaf1e6d0bfdc7fc54
.exe windows:5 windows x86 arch:x86

c9ff44b4e3344b7520c2a16b4d040a54

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
CreateDirectoryW
LoadLibraryA
CreateFileA
lstrlenA
SetEvent
EnterCriticalSection
GetTickCount
WriteConsoleA
OpenSemaphoreA
GetStartupInfoA
GetFileSize
GetModuleFileNameA
ReadConsoleW
SetLastError
CreateDirectoryA
DeleteFileA
GetEnvironmentStringsW
OpenMutexA
CloseHandle
GetCommandLineA
RemoveDirectoryA
VirtualProtect
Sleep
SetLastError

user32

DrawTextW
GetSysColor
GetWindowLongA
IsZoomed
DestroyMenu
FindWindowA
GetClassInfoA
CallWindowProcW
DispatchMessageA
PeekMessageA
SetFocus
IsWindow
DispatchMessageA

cfgbkend

DllRegisterServer
DllGetClassObject
DllUnregisterServer
DllCanUnloadNow

advapi32

RegCloseKey

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 800KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE