b955bfe7d6311dbb542e5e0a96454ceb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b955bfe7d6311dbb542e5e0a96454ceb
Size

209KB
MD5

b955bfe7d6311dbb542e5e0a96454ceb
SHA1

89bb7bac579623ce07414b66e82ed6b7345ee5af
SHA256

50713f166f4354a0a20de2550f7978a1e1732862d96b0478a6a34fd6b9b882bc
SHA512

e0a4fc49ac4648f4aaf2ab2b41a779ba10049b07ae5fb4a8423d404227da1f1805e700642c7d24bd15fb25eae90ba6c0a35eba734a8007e59145cd4ae84f6c75
SSDEEP

6144:Wl9c2AP/bPIJpzGTiZ10q0fPM8/NnUMwZ57u:Mc9QJpzQPtnUV57

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b955bfe7d6311dbb542e5e0a96454ceb

Files

b955bfe7d6311dbb542e5e0a96454ceb
.exe windows:4 windows x86 arch:x86

691f1193f16065947032ace3a2329e55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

fabs

comctl32

InitCommonControls

user32

IsChild

gdi32

BitBlt

ole32

CoInitialize

shell32

ShellExecuteExA

shlwapi

PathQuoteSpacesA

Sections

.MPRESS1
Size: 204KB - Virtual size: 752KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 984B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE