b9f88688bb03b42c94527eeb4b5f96e9 | Triage

Sharing

General

Target

b9f88688bb03b42c94527eeb4b5f96e9
Size

636KB
MD5

b9f88688bb03b42c94527eeb4b5f96e9
SHA1

adf3425f6eed152a3c9c3002d8bc2df486a01c2f
SHA256

6d4dffb98380d6e9ff84680eac28197c318e35d354281774df52e1f2ebc43ac0
SHA512

39f5bb35e8c6c1687adae2487954121f004841ab8ad2e113aa5271bbb8bd335b578879336fd16b86bffa975f6470016875fff3e230dfa579e457073445b60a4f
SSDEEP

12288:qTw+5XCHW0Mq+X3cD39AiH8XZKB662cGfoIRBjnDERAfekGeZtvV:qF5XCHbz+X3Y3OiuZK8w9Q67kJLv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9f88688bb03b42c94527eeb4b5f96e9

Files

b9f88688bb03b42c94527eeb4b5f96e9
.exe windows:4 windows x86 arch:x86

527e5fdd2ca728e8ff75dd0f0f947c27

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
CloseHandle
GetModuleHandleA
GetAtomNameA
CompareFileTime
InterlockedExchange
lstrlenA
GetStdHandle
HeapCreate
GetVersion
VirtualProtect
WaitForSingleObject
GetSystemDefaultLangID
GetConsoleCP
WaitForMultipleObjects
SuspendThread
LoadLibraryExA
GlobalUnlock
HeapReAlloc
GetCommandLineA
SetConsoleCP

user32

DispatchMessageA
CopyImage
DragObject
FillRect
GetCursorInfo
DialogBoxParamA
GetKeyboardLayout
InsertMenuA
DrawCaption
SetPropA
IsDialogMessage
InvertRect
GetDlgItem
DestroyMenu
GetKeyState
CreateMenu
FindWindowA
CreateIcon
SetScrollInfo
SetWindowPos
EnableScrollBar

advapi32

RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyA
RegCloseKey
RegEnumValueA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ