b88e6890275d575d0f3c404b92633bf7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b88e6890275d575d0f3c404b92633bf7
Size

170KB
MD5

b88e6890275d575d0f3c404b92633bf7
SHA1

2199c06db5d19575180d021b2a6770be66874bcf
SHA256

856eed0d18345cff9395225385cd98f860668c73fdae5fede7b2b2c35dd01833
SHA512

a0067ba37ba0f85dcfc7e9e4f10f3e05598b57fd8165c0f8616461be136be2baf834803d2996ccc2e3f6ceeae9650ca44bf0bd47e766351890b745a9b7e440b9
SSDEEP

3072:fvwWzOt693FeNvaUlHcyApsKw+Y6l+XK:ytuFkvtCyUM+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b88e6890275d575d0f3c404b92633bf7

Files

b88e6890275d575d0f3c404b92633bf7
.exe windows:5 windows x86 arch:x86

6b6046801102008e17d68fe427de96fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
OpenFileMappingA
FindClose
ExitThread
ExitProcess
GetCPInfo
CompareStringA
GetFileType
lstrcmpA
HeapFree
DeleteFileA
HeapAlloc
GetStdHandle
FormatMessageA
GetLocalTime
FlushFileBuffers
FreeResource
DeleteFileW
GetPriorityClass
OpenFile

advapi32

RegEnumKeyW
RegQueryValueA
RegEnumValueW
RegCreateKeyA
RegCreateKeyW
RegQueryValueExW

user32

GetWindowTextLengthA
DrawIcon
GetCursor
LoadCursorA
AppendMenuW
DialogBoxParamW
GetScrollPos
DrawTextW

Sections

.cb8e1
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.1aa9
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.9g9ba
Size: 116KB - Virtual size: 376KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.g443g
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ