b945ed23883f94e083a43f9bd1adcef1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b945ed23883f94e083a43f9bd1adcef1
Size

24KB
MD5

b945ed23883f94e083a43f9bd1adcef1
SHA1

6b0a9bd2bee559e0f64926bf31ec0596c14d3a1f
SHA256

581b011a739922396c4b875ef4224fe0974ee996455448d42e737affddc8d1b8
SHA512

1b15b64a1c61090b73dd523ec23ff459514fd08c5cd960c5b3112e1298e5768be3c2da207e7d428e4f48893a2ea5b37580f2241f59f11e8f121e16760431b2db
SSDEEP

384:hBIxnFJjP+aIH2a1DNAWbZP4q7E9IqWeQnrpaFZ:AB+aIH/1pbZn7E9IqWeQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b945ed23883f94e083a43f9bd1adcef1

Files

b945ed23883f94e083a43f9bd1adcef1
.exe windows:4 windows x86 arch:x86

35b50364dc7f94051ff5d6fda692e048

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

Shell_NotifyIconA

kernel32

HeapFree
WriteFile
CloseHandle
HeapAlloc
GetProcessHeap
CreateFileA
GetSystemDirectoryA
LoadLibraryA
lstrlenA
CreateProcessA
GetLastError
CreateMutexA
lstrcatA
lstrcpyA
GetModuleHandleA
ExitProcess
Sleep
CreateThread

advapi32

RegQueryValueExA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

user32

TranslateMessage
GetMessageA
CreateWindowExA
RegisterClassA
DispatchMessageA
SendMessageA
DefWindowProcA
PostQuitMessage
wsprintfA
LoadCursorA
LoadIconA

urlmon

URLDownloadToFileA

shlwapi

PathFileExistsA

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE