bb57d8a7caa789eda8c9370989f58f89 | Triage

Sharing

General

Target

bb57d8a7caa789eda8c9370989f58f89
Size

802KB
MD5

bb57d8a7caa789eda8c9370989f58f89
SHA1

02833704602cc1e778f82b155f6fc02e0c4c0d7c
SHA256

5e91204940b880947eaa95dc1cee28ff8015d625b96b76020b45f90a39e49e97
SHA512

88bdad152d21bdfcca471e85a9dc60cc26bd2f7251240b3413e0ad394f2320932854ed52ff704d3de8a6d28a3a7756335f85d779bb7ba677c47754a574c4b56e
SSDEEP

12288:7xJHC5WbHsnWIVpP6J3fMYxF8X/DsfLJiyd466cOqIlUhOtz5L8z4p7qWVPV6oPP:VFsnWod6J3fMXAiI4Pcx8dsWLFV6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb57d8a7caa789eda8c9370989f58f89

Files

bb57d8a7caa789eda8c9370989f58f89
.exe windows:5 windows x86 arch:x86

477672ba575517f01eb7d5ec92408b99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFlags
GetModuleHandleA
InterlockedExchange
DeleteFileW
SetFileTime
SetFilePointer
GetFileAttributesA
CreateDirectoryA
GetConsoleMode
HeapDestroy
OpenMutexA
DeleteFileW
GetModuleFileNameA
GetCurrentThreadId
LeaveCriticalSection
FindAtomW
CreateFileW
GetProcessHeap
GetProcessVersion
GetDriveTypeW
PulseEvent
VirtualProtectEx
OpenEventA
CreateFileW
GetVolumePathNameA

user32

wsprintfA
MessageBoxA
GetWindowTextA
PeekMessageA
GetWindowLongA
SetRect
IsMenu
GetWindowLongA
DispatchMessageA
DestroyMenu
DestroyIcon
LoadCursorA
SetFocus

dot3msm

DllMain
Dot3MsmFreeProfile
Dot3MsmDeInit
Dot3MsmDisconnect

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE