b9b1c5b3a1930ed60fba2cb2e2c8570f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9b1c5b3a1930ed60fba2cb2e2c8570f
Size

176KB
MD5

b9b1c5b3a1930ed60fba2cb2e2c8570f
SHA1

38aac259e1cb7be777b2ea340e80e8223f38e71d
SHA256

1b2916c97dc1834fc1a947c672b23fa33dcf955426540edc5e5c964849408c0a
SHA512

7d138cd6be8b1955f299ff5a370aa34e7404a6138f17f30abe9d022620d297b76f29abbc52861046a9617e58d2c80a18f566943610b9840940484d6b0414de87
SSDEEP

3072:+7miiLE+LUhmJtuUt+nu3gSIBNONerYCKGWLqkJF+Q4rPpP:+PqocJgUt+2RwNONeMCKpJF+hPF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9b1c5b3a1930ed60fba2cb2e2c8570f

Files

b9b1c5b3a1930ed60fba2cb2e2c8570f
.exe windows:4 windows x86 arch:x86

23f9ce122379c9ff7d61ed653f8dc2d5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
LoadLibraryA
CloseHandle
CreateFileA
ExitProcess
GetCurrentProcess
LCMapStringA

user32

CloseWindow
wsprintfA
CreateWindowExA
SetWindowLongA
CharLowerBuffA

advapi32

RegEnumKeyA
RegDeleteValueA
RegSetValueA
RegCreateKeyA
RegQueryValueA
RegCloseKey
RegEnumValueA
RegDeleteKeyA
RegOpenKeyA

Sections

.text
Size: 159KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ