bb878401c096289586505e1bb8c11ef2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb878401c096289586505e1bb8c11ef2
Size

360KB
MD5

bb878401c096289586505e1bb8c11ef2
SHA1

8342f6678f5367ce37c65920bd9d6fff336eecaa
SHA256

c646d6e8100df06a9db258077271ff1db693244a54a4bfb1cb6d668b41e11060
SHA512

4ffca4da29838a8cddbb304306029dd780fcc432f9fc33aea00486e6d962061ed5fd64df07730f428a46e679e2d8fbbb6ef7eafbd13c9b8c82b70b09878ee6d0
SSDEEP

6144:6ieW2cZHvpPgnOv/vTti+mNwroz2+W1IOrGNM5Bp7/VJA0kGqT:32G8YrE+mKoNWYwRa0zq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb878401c096289586505e1bb8c11ef2

Files

bb878401c096289586505e1bb8c11ef2
.exe windows:4 windows x86 arch:x86

754efae714db3e4f17b99f0a7481115d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
GetStringTypeW
InterlockedIncrement
FlushFileBuffers
CreateFileA
FreeEnvironmentStringsW
Sleep
UnhandledExceptionFilter
GetOEMCP
FindFirstFileA
WriteFile
SetFilePointer
WideCharToMultiByte
GetConsoleOutputCP
lstrlenA
LocalFree
GlobalUnlock
GetCurrentProcessId
GetVersion
GetModuleHandleA
GetTickCount
GetCommandLineA
GetCurrentThreadId
GetLastError
GetCurrentThread
ExitProcess
HeapAlloc
GetProcessHeap
GetStartupInfoA

msvcrt

_XcptFilter
exit
_acmdln
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp
_exit
_strcmpi

Sections

.text
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 332KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ