bb8a60fb9057e4f284c07c3e4224e12b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb8a60fb9057e4f284c07c3e4224e12b
Size

161KB
MD5

bb8a60fb9057e4f284c07c3e4224e12b
SHA1

98b2816c17d5a5b57b8916e4ed77416d1561a7ae
SHA256

49023db5375b748bfff40ae9c14ab3a462a4237f5c4c2d00c131b931752fe019
SHA512

24dce1c8a5b19836609bf3f30044c234f848b300acab648daa2fb4d7c8dedb2064c759fcab0a763e218705ae22cba5a88c916e4fb2985f1c43c690a10dfe0762
SSDEEP

3072:JOlHMq9Dh6Y+J0zs8icLMFpSmvFsQWhxXjXI30LUZ+STq2DH6h84r1oW:WMud+qs9cL+EPjI9ZvRrH4t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb8a60fb9057e4f284c07c3e4224e12b

Files

bb8a60fb9057e4f284c07c3e4224e12b
.exe windows:4 windows x86 arch:x86

45be808c363b164259716458a2fb87a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
ReleaseMutex
EnumResourceTypesA
GetExitCodeProcess
FreeConsole
TlsGetValue
CloseHandle
CreateMutexA
FindClose
GetLastError
GetModuleHandleA
GetDriveTypeA
DeleteCriticalSection
GetCommandLineA
Sleep
SetLastError
GetComputerNameA
GetTickCount
LoadLibraryExW
GetDiskFreeSpaceExW

shell32

DragFinish
ShellAboutA
SHGetDiskFreeSpaceA
SHFree
ShellMessageBoxA
SHGetNewLinkInfo
DragQueryFileA
SHGetSettings
StrChrA
SheChangeDirA
DllUnregisterServer
DragAcceptFiles
SHGetMalloc

msports

ComDBOpen
ComDBClose
ComDBReleasePort
PortsClassInstaller
ComDBClaimPort

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ