Static task: static1
Behavioral task: behavioral1
Sample: be09841b134d4f3b0b921a71bc7bcaaa.exe
Resource: win7-20240215-en
Behavioral task: behavioral2
Sample: be09841b134d4f3b0b921a71bc7bcaaa.exe
Resource: win10v2004-20240226-en
General
Target: be09841b134d4f3b0b921a71bc7bcaaa
Size: 173KB
MD5: be09841b134d4f3b0b921a71bc7bcaaa
SHA1: 8b354c08a843f7ac4809879f1b7d600c4d8fbba7
SHA256: b7f14407c48003c02debbe63a40731d171497ff5eb577046e5347ec27aa89e85
SHA512: b83517a567a9e521eb3c66a5961d2d564c27929306611e08af64ee6b1a353f61f2375bf22f19945e9a89656d273e601be9654884374ddc39d50d8a29afb53150
SSDEEP: 3072:6cA2BXeb7C6lVKVR8JfqSswgG7fepXf7myDW5ej8H390JiC:6nQeHPlwoJfqrjXfTDWQ8H36c
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource be09841b134d4f3b0b921a71bc7bcaaa
Files
be09841b134d4f3b0b921a71bc7bcaaa.exe windows:4 windows x86 arch:x86
0ca9827cb0663cc0dc86626b7e5952dd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrlenW
GetCurrentThreadId
GetProcAddress
GetShortPathNameW
FreeLibrary
GetProcessTimes
DeleteCriticalSection
CloseHandle
CreateFileA
LocalFree
GetModuleHandleA
SetUnhandledExceptionFilter
InitializeCriticalSection
EnumResourceTypesA
LoadLibraryA
IsBadReadPtr
IsDebuggerPresent
WideCharToMultiByte
GetThreadLocale
GetLastError
lstrlenA
ExitProcess
MultiByteToWideChar
UnhandledExceptionFilter
GetCurrentProcessId
IsBadWritePtr
GetVersionExA
ole32
StgCreateDocfile
StgOpenStorage
msvfw32
ICOpen
ICSendMessage
ICClose
ICDecompress
user32
wsprintfA
wsprintfW
Sections
.text Size: 103KB - Virtual size: 102KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 67KB - Virtual size: 66KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.edata Size: 1024B - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ