b9c409b58d395b9ae31bf047ae40cd9b | Triage

Sharing

General

Target

b9c409b58d395b9ae31bf047ae40cd9b
Size

153KB
MD5

b9c409b58d395b9ae31bf047ae40cd9b
SHA1

5c7f53fdd553143162ea0f90d5410c5e061f3551
SHA256

90bac2a457e0925ae2daff8d9a536df31f59733d16a126770f22c52078b8c245
SHA512

b84e0ba65aab681925da43e12dfc0a306d6caca59052e5c691151d686913a278cb8cfe888a2cb221f32a4f4b67713d0e0f7127a33dcdc0c82e5ae1c86f0de659
SSDEEP

3072:tzPZHdBqXBmRE0MoZO+CT/MeV5CiTNFVmnOgOcLz0Pc8wV4oLwpanBm:tzPZ9BmoRZMoo+m/7V5nOLLz0icpx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9c409b58d395b9ae31bf047ae40cd9b

Files

b9c409b58d395b9ae31bf047ae40cd9b
.exe windows:4 windows x86 arch:x86

9c2fe897ff9207ddcc74ee35f8b95f8c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
FindWindowA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
AddAtomA

msvcrt

__getmainargs

urlmon

URLDownloadToFileA

Sections

.text
Size: 23KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE