cb2565dfc73e2a2b547c0a54d085910f | Triage

Sharing

General

Target

cb2565dfc73e2a2b547c0a54d085910f
Size

169KB
MD5

cb2565dfc73e2a2b547c0a54d085910f
SHA1

9e0b1b632765a2de3fea2a44436530746436bbe9
SHA256

a5bb3fc7347500fdf5a8fa486ea1293ddbd5eede0b8ac4d62337a72a3dc7fc13
SHA512

25762d3d6b18d563e2de7731d4b976534ea10d28a9902a1c4be4687402dcef944757f045954b9863c86f8366f96efc23f1a227da888f3c18fb77d10f8a52077e
SSDEEP

3072:UaGzQ7lmDUW0WysPk89b4Gj/UUjvPxD8emb3mQCijrevizW96h3dekuNLEEsrg+:mzQhmD5fLoUrxDdmynn6zbluqLx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb2565dfc73e2a2b547c0a54d085910f

Files

cb2565dfc73e2a2b547c0a54d085910f
.exe windows:4 windows x86 arch:x86

e191b4d36b8dbf417d8814c239a87dfd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA
GetKeyboardType
PostMessageA

kernel32

GetModuleFileNameA
GetEnvironmentVariableA
ExitProcess
FormatMessageA
GetLastError
SetLastError
GetProcAddress
VirtualProtect
LoadLibraryA
GetModuleHandleA
MultiByteToWideChar
GetModuleFileNameW
GetVersionExA
VirtualFree
VirtualAlloc
GlobalAlloc
SetFilePointer
ReadFile
CreateFileA
DeleteCriticalSection
TlsSetValue
WriteFile

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

Sections

.text
Size: 23KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE