bb6617dd92e593f0a6a3bb4b90b6e72f | Triage

Sharing

General

Target

bb6617dd92e593f0a6a3bb4b90b6e72f
Size

193KB
MD5

bb6617dd92e593f0a6a3bb4b90b6e72f
SHA1

82a74f7b7c6a0a8ac0badd00b48e815604c6d65a
SHA256

e54e6694a111d0483a27d0e921f0f4e7c98b182b92bd7eef2b87bc192306a60e
SHA512

e57d05b0788b1aa6db44a369fd4b89b990d9c36433a432cc3d3b6f7bc0147e65b29cdf0e7756870b6cef48d9a2e2fe19b8561418b6646fa46ac948792ac61171
SSDEEP

6144:HJ5mkLdxLu1olJlgPSXaLLOgUnpkLS+pWB:HJ5zLuKlQPHLL7IpknWB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb6617dd92e593f0a6a3bb4b90b6e72f

Files

bb6617dd92e593f0a6a3bb4b90b6e72f
.exe windows:4 windows x86 arch:x86

cb38306f1f5831cd79a0b8eddd36cd35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetTickCount
InterlockedExchange
HeapReAlloc
GetModuleHandleA
CompareFileTime
SuspendThread
GetSystemDefaultLangID
VirtualProtect
GetCommandLineA
lstrlenA
GetStdHandle
HeapCreate
WaitForSingleObject
GlobalUnlock
CloseHandle
SetConsoleCP
GetAtomNameA
LoadLibraryExA
WaitForMultipleObjects
GetVersion

user32

GetKeyState
DialogBoxParamA
InvertRect
FillRect
CreateMenu
IsDialogMessage
CreateIcon
EnableScrollBar
DragObject
GetKeyboardLayout
GetDlgItem
SetScrollInfo
DrawCaption
SetPropA
GetCursorInfo
CopyImage
SetWindowPos
InsertMenuA
DestroyMenu
DispatchMessageA
FindWindowA

advapi32

RegQueryInfoKeyA
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegEnumKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 796KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ