b9dbaa2ceacc762cff20586a4bdea2c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9dbaa2ceacc762cff20586a4bdea2c7
Size

126KB
MD5

b9dbaa2ceacc762cff20586a4bdea2c7
SHA1

83160637387a1cd4daf30229d8addcbcea5ea3f3
SHA256

9fe71e3e5b082dda69e4633a15181a3290135cbb4e312ec6b460b48b11626ef0
SHA512

87031e35e8979b873e4cc1ce1a81c6b3e81c73003a015745a08342e0b783d5651a33208b51266cd18814166c19d419f640178b0a57b9075b0c4d883ed7bb9bda
SSDEEP

3072:ei/eWQ/582z7Jx2a8+e5xoZI/ttY32tf5bXwbbsQlIK:vt02a8RxomeWf1gvsa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9dbaa2ceacc762cff20586a4bdea2c7

Files

b9dbaa2ceacc762cff20586a4bdea2c7
.exe windows:4 windows x86 arch:x86

2cb0dd57e52f010921be59dcf0a64bec

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegEnumKeyExA

oleaut32

SysAllocStringLen
SysReAllocStringLen
SafeArrayCreate
SafeArrayUnaccessData
GetErrorInfo
OleLoadPicture
SysFreeString
SafeArrayPtrOfIndex
SysStringLen

kernel32

GetFullPathNameA
GetFileType
GetFileAttributesA
GetCommandLineA
ExitProcess
ExitThread
IsBadHugeReadPtr
GetLastError
GetFileSize
LoadLibraryA
VirtualAllocEx

gdi32

BitBlt
CreateFontIndirectA
GetObjectA
SetBkMode
CopyEnhMetaFileA
CreateBitmap
RestoreDC
GetTextColor
GetDIBColorTable
GetRgnBox

user32

KillTimer
TranslateMessage
UnhookWindowsHookEx
CreatePopupMenu
UnregisterClassA
GetMenu
GetSysColorBrush

Exports

Exports

_w5mCnPhqZjK
iPqTHB5JHp01@4
vfjDX58uGzmT45
_FjAhGovb3@16

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ