bb318b5f69e2aeb96572b72a6383e12e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb318b5f69e2aeb96572b72a6383e12e
Size

1.2MB
MD5

bb318b5f69e2aeb96572b72a6383e12e
SHA1

86356dca09d52b8db56a1132167764ec5e692550
SHA256

c7a2d48b18c7606d89e7f328090c5d85886b22e6d11000b671316570a16d2a42
SHA512

77f179cd3e25394d12c896bc1523f20ecdc3db138957d61c8524b97ff3836bf3b0b601130a3a6fc51596ecfebe23843ff16d1a2f023ccfed900996d045e5deac
SSDEEP

24576:bbVoV6ieNkAC9qEPktLhFhLACXp3T8undqXAWWW2hhhY1VOOCmflh+:9oV67kA4qFFhkYppndqXchhhY6Onflo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb318b5f69e2aeb96572b72a6383e12e

Files

bb318b5f69e2aeb96572b72a6383e12e
.exe windows:4 windows x86 arch:x86

df10064e94a515d04faf9100997006ef

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

CreateDialogParamA
LoadMenuA

kernel32

CreateThread
GetProcessHeap
ExitProcess
GetCommandLineA
CreateProcessA
GetStartupInfoA
GetLastError
GetProcAddress
VirtualAllocEx
GetModuleHandleA
FindResourceA
CloseHandle
WriteProcessMemory
WaitForSingleObject
HeapFree
TerminateProcess
GetCurrentProcess
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetTickCount
HeapAlloc

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 910B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.1MB - Virtual size: 1.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 914B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ