Static task: static1
Behavioral task: behavioral1
Sample: b82d1f474b946422d88cccc81527164f.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: b82d1f474b946422d88cccc81527164f.exe
Resource: win10v2004-20240226-en
General
Target: b82d1f474b946422d88cccc81527164f
Size: 240KB
MD5: b82d1f474b946422d88cccc81527164f
SHA1: a75bd9cc07710af44b429c8f5e635350ad978f89
SHA256: 2006ff838e8c4c477aa43bbb65c5b3bb52857ffec2930ddec1ed3bc87a23fd49
SHA512: e026a1b7a23289da40a0b53ee6bf9a7df528074e7c1cf52e2c428da0ca951ee81e8cc8c2a7e3fa59edecbd793debfe313bd2d51277042526e2c398ef2d274a13
SSDEEP: 1536:v8c63WWzteAKiu90ocvrceibISNANqfnliSI3er+y2mRArDe:UlWWztePjDczHibIxqflIer+y2iAG
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource b82d1f474b946422d88cccc81527164f
Files
b82d1f474b946422d88cccc81527164f.exe windows:4 windows x86 arch:x86
a61f270b8e8f7dc4ed8de0f3ee6c1a32
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
SendMessageA
PostMessageA
MessageBoxA
FindWindowExA
FindWindowA
wsprintfA
kernel32
lstrlenA
CloseHandle
CreateFileA
ExitProcess
GetLastError
GetModuleFileNameA
GetShortPathNameA
GetTempPathA
GetWindowsDirectoryA
SetFileTime
Sleep
WriteFile
lstrcatA
lstrcpyA
shell32
ShellExecuteA
advapi32
RegCreateKeyA
RegSetValueExA
Sections
.text Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 716B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 136KB - Virtual size: 138KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 99KB - Virtual size: 98KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ