b853c5d0cb26fd76d6cd23a650062677 | Triage

Sharing

General

Target

b853c5d0cb26fd76d6cd23a650062677
Size

20KB
MD5

b853c5d0cb26fd76d6cd23a650062677
SHA1

1db98a833cf2c0838ea2ac4f1f9abb1ef42de11e
SHA256

1255cdc7bd28f3112044ef2bbb8204129af890b8f5c957415ad9c007800b2707
SHA512

37547e10ef7a0c79dc2c5d180faca8c2c242f1336ba271ac1cb66ec6154886a7ca108d9e7a40ff1709c173d71345cc70518fa61d81cf7cb166fb739b9e65628b
SSDEEP

192:P1rAhLjhLG/Ge0gWQEh6GzfBnnB+21U/zg++19/rUmntEnrFyL:P2NLG/GPvQEnJn42q/z5+/oTF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b853c5d0cb26fd76d6cd23a650062677

Files

b853c5d0cb26fd76d6cd23a650062677
.exe windows:4 windows x86 arch:x86

9f3127b3d03bfa66248358fd3141f7e2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

wsprintfA
TranslateMessage
SetTimer
RegisterClassExA
KillTimer
PostThreadMessageA
GetWindowThreadProcessId
LoadIconA
LoadCursorA
FindWindowA
DispatchMessageA
DefWindowProcA
CreateWindowExA
PostQuitMessage
GetMessageA

kernel32

GetCommandLineA
GetModuleHandleA
GetLastError
CreateDirectoryA
lstrcatA
WriteFile
Sleep
SizeofResource
SetFileAttributesA
LockResource
LoadResource
CloseHandle
CopyFileA
GetProcAddress
CreateFileA
CreateMutexA
CreateThread
ExitProcess
FindResourceA
FreeLibrary
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA
GetTempPathA

advapi32

RegSetValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

wsock32

WSAStartup
gethostbyname
WSACleanup

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ