fb20bc79b57dfd3e7e7ffcb176bda83c04c07b596d0e1bfe4c6dc628329c2bc3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb20bc79b57dfd3e7e7ffcb176bda83c04c07b596d0e1bfe4c6dc628329c2bc3
Size

122KB
MD5

6b0290bda73dfd1becaa6981af06379c
SHA1

192a184c9552f3edb80d05042306ab75c41aaaa2
SHA256

fb20bc79b57dfd3e7e7ffcb176bda83c04c07b596d0e1bfe4c6dc628329c2bc3
SHA512

afedfc104a6a75bd9ac9db79620e242656f0f31839dd8fe4a2099138a6cb37902ef701d448bb91034f389413dbe493353e28e49e6d6e03c70088892e35726f88
SSDEEP

3072:tss9aFHhBg9oXGqPIdGjraFzFutVTkGD2H/oi37jd:X9aFPg9oXBSGjraFz0T5D2F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb20bc79b57dfd3e7e7ffcb176bda83c04c07b596d0e1bfe4c6dc628329c2bc3

Files

fb20bc79b57dfd3e7e7ffcb176bda83c04c07b596d0e1bfe4c6dc628329c2bc3
.exe windows:4 windows x86 arch:x86

d7b3697981a4bb7b090c3ebd4660478b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateThread
WaitForMultipleObjects
FindClose
LeaveCriticalSection
GetThreadPriority
WaitForSingleObject
CloseHandle
GetStartupInfoA
GetSystemTimeAsFileTime
FreeEnvironmentStringsA
GetLastError
InitializeCriticalSection
SetFilePointer
CreateEventA
SetEvent
EnumResourceNamesA
GetDriveTypeW
ExitProcess
Sleep
SetEndOfFile
ReadFile
DeleteCriticalSection
GetLocalTime
EnterCriticalSection
FindFirstFileW
ReleaseSemaphore
CreateSemaphoreA
WriteFile
LoadLibraryA

oleacc

LresultFromObject
CreateStdAccessibleObject

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 932B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ