cb7e23837a77e476974d68a82f6990ab | Triage

Sharing

General

Target

cb7e23837a77e476974d68a82f6990ab
Size

6KB
MD5

cb7e23837a77e476974d68a82f6990ab
SHA1

3c33fc5510fc2d8c669a3c4562e56cf91a919197
SHA256

641bb9717905159c1e046e21f8d087b23ea4e6ae37b3f39d4eab18fc43496522
SHA512

65e12440bcea6b31d30b30bacd8d931579a6c6b92c454efaacb990dfb0c56dd87ca7f3b7bc041f56e576aa3c21cce6bc00e1196e2c39334598940f4eb44061f8
SSDEEP

48:Itm/4KAR/NDMkpmpylrdN2CSIiudAWplCHczsMEVaiQ30SD1O7cdQOD9ne9M5Wpw:ItmiV7dSEs8pEVF9OOgQqePc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cb7e23837a77e476974d68a82f6990ab

Files

cb7e23837a77e476974d68a82f6990ab
.exe windows:4 windows x86 arch:x86

1c039819858a5ad424d8b4a53737ec2a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProcessMemory
OpenProcess
GetModuleHandleA
GetSystemDirectoryA
ExitThread
SetLastError
GetCurrentProcessId
VirtualFree
VirtualAlloc
CloseHandle
CreateRemoteThread
GetPriorityClass
ResumeThread

user32

FindWindowA
GetWindowThreadProcessId

shell32

ShellExecuteA

msvcrt

sprintf

urlmon

URLDownloadToFileA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE