b7f0fbabba4196b4be38b371baa17615 | Triage

Sharing

General

Target

b7f0fbabba4196b4be38b371baa17615
Size

20KB
MD5

b7f0fbabba4196b4be38b371baa17615
SHA1

127b64d1015452365152cb31fff1942300c71380
SHA256

2b40ea7ef13ea148c05588d99f8aae1452139091b0786db673ad8f067762d0e3
SHA512

ac8b1c5f967542cbb570eadc080040e762c4bf4e7d6a056897ddd89c031db2b2df88bbf79253886da62b09b628d0c8ebb88264ea48e887146d29b0e367605d7d
SSDEEP

384:OJn01swUY1EIjESeo544CdHEH5jK3w5VcETcC+TeKthOlnfWjvOeo:OJnoRUyTuuCe5Iw56ETcxntsln

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7f0fbabba4196b4be38b371baa17615

Files

b7f0fbabba4196b4be38b371baa17615
.exe windows:4 windows x86 arch:x86

57619b245f3066774f4e613fa24f20af

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
SetFileAttributesA
GetFileAttributesA
GetTempPathA
lstrcpyA
CloseHandle
lstrcatA
WaitForSingleObject
GetCurrentThreadId
WriteFile
SetFilePointer
CreateFileA
lstrlenA
GetModuleFileNameA
LoadLibraryA
RtlUnwind
ExitProcess
GetModuleHandleA
CreateEventA
GetProcAddress
SetEvent
CreateThread
GetVersionExA
ExitThread

user32

wsprintfA
EndPaint
DestroyWindow
MsgWaitForMultipleObjects
DispatchMessageA
TranslateMessage
ShowWindow
CreateWindowExA
SetThreadDesktop
CreateDesktopA
CharToOemA
BeginPaint
PeekMessageA

advapi32

RegCloseKey
RegCreateKeyExA

shell32

SHGetFolderPathA

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ