b6edf07bc18f0c97ae6fbcf7b4e1791c | Triage

Sharing

General

Target

b6edf07bc18f0c97ae6fbcf7b4e1791c
Size

18KB
MD5

b6edf07bc18f0c97ae6fbcf7b4e1791c
SHA1

ab5acd02eaeaa87a1a46977d9dd76ec83d723c28
SHA256

57166c3084610deeb9dd973445ed23d68c5823038acc3f4f71fbf1d5b552dcc1
SHA512

9fd7f1bc0e2cba97ca93daa1024db8b271091fd66665fe0bc024e425b26275fdf5ad7ebcf38276cbe5b7a1724efb6e2b3c399f21e372d4b3c4e479c1c4e5268f
SSDEEP

192:JdUwO3bOX3DJ+gAs++ge33YA9PMDLntGaDJVOdLohKIdU3rOvWt6m66h6EfJ:abK31+gjrz33/MDDxv4LHrRtR66DR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b6edf07bc18f0c97ae6fbcf7b4e1791c

Files

b6edf07bc18f0c97ae6fbcf7b4e1791c
.exe windows:4 windows x86 arch:x86

df0711af6734f62859cb6684fb7c9712

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDrives
IsDebuggerPresent
GetACP
GetCommConfig
InterlockedExchange
DeleteAtom
GetModuleHandleA
GetTimeFormatA
LoadLibraryExA
HeapCreate
GetStdHandle
HeapDestroy
CreateHardLinkA
CreateFileMappingA
GetCurrentProcess
GetCurrentProcessId
VirtualProtect
CreateThread
GetEnvironmentStringsA
GetThreadPriority
GetCurrentThread

user32

EndPaint
DragDetect
GetWindowTextLengthA
GetWindow
GetParent
GetFocus
ReleaseDC
BeginPaint
GetCursorPos
ShowWindow
GetClassNameA
FillRect
SetActiveWindow
GetTitleBarInfo
GetDlgItem
SetForegroundWindow
FrameRect
wsprintfA
DrawTextA

advapi32

RegQueryInfoKeyA
RegCreateKeyA
RegEnumKeyA
RegCloseKey
RegFlushKey

clbcatq

CoRegCleanup

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ