169a9b37aaee31a343153d26d2bb42b1c661bf65227e78425a4b413911a24ed9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

169a9b37aaee31a343153d26d2bb42b1c661bf65227e78425a4b413911a24ed9
Size

4.4MB
MD5

a8b295ceb91f2b66f029fbe37da58c7a
SHA1

abbb39aa2e2c9b755972b1de4262c57080ba8597
SHA256

169a9b37aaee31a343153d26d2bb42b1c661bf65227e78425a4b413911a24ed9
SHA512

e60938e383a760ebb5ef17717d3720696e16f188abe5a8492a782386d6aaae6d022141c5ce4a2c55d04f9cb966222ad13d63fadf8aec55916269d7e8630ba5da
SSDEEP

98304:m6//q6oLHP96kDncR3MZACQaCkvhhu7ZAoS1xMTm3/Z:m6nVYHP964uB3pka7Z8umx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
169a9b37aaee31a343153d26d2bb42b1c661bf65227e78425a4b413911a24ed9

Files

169a9b37aaee31a343153d26d2bb42b1c661bf65227e78425a4b413911a24ed9
.exe windows:4 windows x86 arch:x86

0689d88d0b66ac9b0c5469b5bb70ecb5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
VirtualProtect
MapViewOfFile
UnmapViewOfFile
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
LoadLibraryA
CreateFileA
CreateFileW
WriteFile
CloseHandle
GetLocalTime
VirtualQuery
CreateFileMappingW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentProcess
FlushInstructionCache
GetSystemInfo
VirtualProtectEx

user32

wsprintfA

shlwapi

ord158

msvbvm60

EVENT_SINK_GetIDsOfNames

Sections

.text
Size: - Virtual size: 12.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.virbox
Size: - Virtual size: 5.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.vdata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.virbox3
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ