b71dcbd760cbb24f05a79701d9598d75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b71dcbd760cbb24f05a79701d9598d75
Size

184KB
MD5

b71dcbd760cbb24f05a79701d9598d75
SHA1

f574c96a7a1427a55f347e4c7e3bca33327037d6
SHA256

431a754592adbc8a4fe4ed5a13a94d0c128ee9121304b44631f3083a01687697
SHA512

0ce6c572bce72253de2807d164c5f9b20d41d209cd04b4929e4d1061d05e3da1474411a28c778e08c9c817c537914006c6aa0b45599f4efd5d4245aa70d3d6a0
SSDEEP

3072:7M+iuk1nuQo9876LSc6n8ZfGDBt5fx/E1VR5h+XANgwU3DYN0gWsC7Sn+VTlf:7M+tk1nuQss6LSt8Z+9KR5hTgq09z2+L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b71dcbd760cbb24f05a79701d9598d75

Files

b71dcbd760cbb24f05a79701d9598d75
.exe windows:4 windows x86 arch:x86

967525ad1c642c305d8d8f985c1c69b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
GetCurrentProcess
CreateFileA
ExitProcess
CloseHandle
LCMapStringA

user32

CreateWindowExA
wsprintfA
CloseWindow
SetWindowLongA
CharLowerBuffA

advapi32

RegEnumKeyA
RegDeleteValueA
RegSetValueA
RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegCreateKeyA
RegEnumValueA
RegOpenKeyA

Sections

.text
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ