b93fb63c898bc5d6866ce7928eb97573 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b93fb63c898bc5d6866ce7928eb97573
Size

150KB
MD5

b93fb63c898bc5d6866ce7928eb97573
SHA1

8381bf62294853e076bde8853bb2d51398eb6f65
SHA256

e560327cc14c3e7efd0a21251ae6280015d4fd15782bf13888025063d7ab16f7
SHA512

27917490884fd2f3de697940ac3e4c77b9e90a22ec3900a4551be1698b428dd21c2bc7a689d9a30f75c67cd1b9f6b7a55cc1e6e25360cad656547c5c81761dda
SSDEEP

3072:roh8wWzZ5F5pU7mPbYg6OUS35tUH716Dyd5YnBckBL:KCdH5pOmPcg6vS3kH7IOd6Bc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b93fb63c898bc5d6866ce7928eb97573

Files

b93fb63c898bc5d6866ce7928eb97573
.exe windows:4 windows x86 arch:x86

21b68ea4b06b1591923d1d7e6d9550dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

shlwapi

PathCombineW
SHGetValueW
PathAppendW
PathRemoveFileSpecW
PathFileExistsW

user32

GetDC
ReleaseDC
GetWindowModuleFileNameW
LoadIconW
PostQuitMessage
SetWindowTextW
IsDlgButtonChecked
CreateCursor
SetWindowLongW
GetDlgCtrlID
PostMessageW
GetFocus
IsWindow
DestroyWindow
MsgWaitForMultipleObjects

shell32

ShellExecuteW
SHFileOperationW
CommandLineToArgvW
SHGetFolderPathW
ShellExecuteExW

kernel32

WriteConsoleInputVDMA
CompareFileTime
GetProcessHandleCount
GetFullPathNameW
EnumResourceNamesA
FreeEnvironmentStringsW
SearchPathW
GetShortPathNameW
MoveFileW
SetFileTime

comctl32

PropertySheetW

oleacc

LresultFromObject
CreateStdAccessibleObject

ole32

CoInitializeEx
CreateStreamOnHGlobal
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CoCreateInstance
CoInitialize

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 67KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idive
Size: 1024B - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ