c9b52ec6affb35a2e808252206b310aa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9b52ec6affb35a2e808252206b310aa
Size

20KB
MD5

c9b52ec6affb35a2e808252206b310aa
SHA1

585c2a565ded39c7224f17a9e91ea4cecaa3f4fb
SHA256

5a2a2a8573ca2def43bec64e879b0bce97508d62fff5a1834a2733dd3816a6f1
SHA512

16d8fa4d0937824bc699d3a881f00f83a944ff8036e9c20986fa029027425c6b293e25886b0870bf461c9c4f45f7c6ada87545b7ac3fb56c35c29be97f8e125e
SSDEEP

192:5VDAbPKt1PbSb0mlvvmv7is70f6muacd9s+N:nUGVufdv294ifaczs+N

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9b52ec6affb35a2e808252206b310aa

Files

c9b52ec6affb35a2e808252206b310aa
.exe windows:4 windows x86 arch:x86

cd5ca650d43b8cbdbbf45691b349f33b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
GetCommandLineA
GetModuleHandleA
FreeLibrary
CloseHandle
LocalFree
GetVersionExA
CreateEventA
lstrlenA

gdi32

DeleteObject
BitBlt
SelectObject
GetStockObject
GetTextColor

msvcrt

exit
wcslen
__getmainargs
rand
wcschr

Sections

.text
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1009B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ