b999231436273d6664f15230d5401054 | Triage

Sharing

General

Target

b999231436273d6664f15230d5401054
Size

77KB
MD5

b999231436273d6664f15230d5401054
SHA1

60704c2c509df29a94a022ac2ae1709559eb901f
SHA256

f2462b295b98084786d7f8a0731ac23a2d3eb43b7df0fe77fae2590920a5411c
SHA512

f04fc62027db5685c66d0a93a63227499e1fec11051885f8a034c55b5ae46f11cd4b25fd10dd87db230ed8522c0477571e6aff95396454eac355cb8e203f73d8
SSDEEP

768:/RNuA0hTAINunD7D6hzoceHN34PfibMed8BVQdCOeoBB63qtJUAWJv/crCQL8xxV:54AaTb8DUlSMTVQggB6xAWh7qwXHF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b999231436273d6664f15230d5401054

Files

b999231436273d6664f15230d5401054
.exe windows:4 windows x86 arch:x86

ddaa08ec4ae1b0eccc5bd12fd3bb8c20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

UnlockUrlCacheEntryFile
InternetGetLastResponseInfoA
InternetEnumPerSiteCookieDecisionW
InternetSetDialState
ShowSecurityInfo

advapi32

CloseServiceHandle
CryptGetKeyParam
FindFirstFreeAce
IsValidSid
FreeSid

msvcrt

strlen
_cabs
__wargv

user32

IsCharLowerA
GetWindowDC
LoadImageA
GrayStringA
GetSysColorBrush
HideCaret

Sections

.text
Size: 48KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE