b87a749c8ccef04f2744ff5097643b16 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b87a749c8ccef04f2744ff5097643b16
Size

495KB
MD5

b87a749c8ccef04f2744ff5097643b16
SHA1

35919b4e28e03cafbeb5a015820c2a2d7c9704c6
SHA256

a4f1122460455c0321378eac5aef0d0b892fd6a29719408e07662890bebfa65e
SHA512

0122a8a3c98a04a8e7023fd7b0bfca958c5d83023df8fe5c352a6bbeccd83ab10466a8d3633c76e9760707ff11622c960a3373a65994bbc2a3496f5753e4861a
SSDEEP

12288:BFJJCA+TiZa3uwGOrrZdK0LeTugOD0QQY8xcJN+:Bt6eZn54ry4hQjxc6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b87a749c8ccef04f2744ff5097643b16

Files

b87a749c8ccef04f2744ff5097643b16
.exe windows:5 windows x86 arch:x86

6db2d5ddf9e2dbcc7265adc532789077

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA

kernel32

ReleaseMutex

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathMatchSpecW
SHDeleteKeyA
StrCmpNIA
wnsprintfA
wvnsprintfA

user32

CharLowerBuffA
EndDialog
GetCursorPos
GetIconInfo
GetKeyState
GetMessageA
GetWindowThreadProcessId
MsgWaitForMultipleObjects
PeekMessageA
SendMessageA
ToUnicode

Sections

.zep
Size: 40KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idyx
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lql
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ