beb06a9a858a1bfa20161aca5bba6947 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

beb06a9a858a1bfa20161aca5bba6947
Size

175KB
MD5

beb06a9a858a1bfa20161aca5bba6947
SHA1

b1e765361af0014ad48aa21d3df2d9b570132d7d
SHA256

e97a10f163e6613381d70632eb9c925ff8aa83338b010e0b9f8d48f5e1cfdf41
SHA512

3a8d2c3ba8e18360b9e4a3f2448cba63c7a3899747aa27505de222189c98874cbf78046b1b415cf0217cb4654cfdfe2ef00eae7df5250fc77a0a2e21929b4213
SSDEEP

3072:AsFYCu/BU0tJU7PMb6Fh9zYLxc7C6d0tvSVGanYawh5TR:As6n/K0tG7Mb6F3dLovScanwbd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
beb06a9a858a1bfa20161aca5bba6947

Files

beb06a9a858a1bfa20161aca5bba6947
.exe windows:4 windows x86 arch:x86

8126a170d302421cea3a651ffba9ead4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetSystemDefaultLangID
GetAtomNameA
HeapCreate
HeapReAlloc
GetCommandLineA
GetConsoleCP
GlobalUnlock
WaitForSingleObject
GetModuleHandleA
CompareFileTime
SuspendThread
SetConsoleCP
LoadLibraryExA
GetStdHandle
CloseHandle
GetTickCount
InterlockedExchange
VirtualProtect
GetVersion
WaitForMultipleObjects
lstrlenA

user32

GetKeyState
CopyImage
DialogBoxParamA
FindWindowA
GetKeyboardLayout
InvertRect
DragObject
DispatchMessageA
CreateMenu
EnableScrollBar
GetDlgItem
SetPropA
DrawCaption
SetScrollInfo
IsDialogMessage
GetCursorInfo
CreateIcon
DestroyMenu
FillRect
SetWindowPos
InsertMenuA

advapi32

RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegCreateKeyExA
RegEnumKeyA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 784KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ