b9c953d2937d4cb302247b8f9da6efd1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9c953d2937d4cb302247b8f9da6efd1
Size

13KB
MD5

b9c953d2937d4cb302247b8f9da6efd1
SHA1

f988efbbbe38a66944a9915fc114618fbf130eb0
SHA256

e07596900ee44b178b3a9ea8b88d4ec945d40dd19bf17aa34ead127274594462
SHA512

be8d34bbc16656b31edf5250f75af144f583a1f6e3391394b6d27adf26a9e5c364bc73e3d8e87a692160f6ac45626878bd1c1466a3635fafd96fbf5b4267fbef
SSDEEP

384:eARMBOFJrwxYooDeaq75oNI3SupV6R6bAwGw:e0MBOzUoDeacERUcw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c953d2937d4cb302247b8f9da6efd1

Files

b9c953d2937d4cb302247b8f9da6efd1
.exe windows:4 windows x86 arch:x86

cbf47572e8cb446c01bd5522c7d7f827

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
FormatMessageA
GetLastError
SetLastError
VirtualAlloc
CloseHandle
MapViewOfFile
CreateFileMappingA
VirtualFree
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
GetModuleFileNameW
UnmapViewOfFile
lstrcpynW
GetFullPathNameW
SetEnvironmentVariableW
HeapAlloc
GetProcessHeap
GetFileSize
ReadFile
SetFilePointer
CreateFileW
WideCharToMultiByte
GetEnvironmentVariableW
GetVersion

user32

MessageBoxA

Sections

.text
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.res
Size: 4KB - Virtual size: 732KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE