deb517461ddf6fee36a0b1c000077699 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

deb517461ddf6fee36a0b1c000077699
Size

73KB
MD5

deb517461ddf6fee36a0b1c000077699
SHA1

bc898b7d5589d5bdecfdca2b3258ecf82006157a
SHA256

d104bc1e1db653fb9dfd728c539e148096e678b4052fa6160638196da89661d2
SHA512

18a7e3ae4c08b4babb52513633e806151cbf90e13dc01885ed096719b7beabbbb0707804f77208609fa3b5873444914b29c535ce8862ec806f76070ccb465d4f
SSDEEP

1536:hXI9LeeqKmP2MFLbmjpL97gLNn1BPa4fSL9YssGB+d:h1eqP2MQV9QPPGYXU+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
deb517461ddf6fee36a0b1c000077699

Files

deb517461ddf6fee36a0b1c000077699
.exe windows:4 windows x86 arch:x86

ddaa08ec4ae1b0eccc5bd12fd3bb8c20

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

UnlockUrlCacheEntryFile
InternetGetLastResponseInfoA
InternetEnumPerSiteCookieDecisionW
InternetSetDialState
ShowSecurityInfo

advapi32

CloseServiceHandle
CryptGetKeyParam
FindFirstFreeAce
IsValidSid
FreeSid

msvcrt

strlen
_cabs
__wargv

user32

IsCharLowerA
GetWindowDC
LoadImageA
GrayStringA
GetSysColorBrush
HideCaret

Sections

.text
Size: 47KB - Virtual size: 54KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE