fb4502d6dbd5477989a7f8cc874245c7169db9716d7f1dfca6c36170f2d5b5ae | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb4502d6dbd5477989a7f8cc874245c7169db9716d7f1dfca6c36170f2d5b5ae
Size

37KB
MD5

8fda81ec8967ee0f2d2d51c903b6a611
SHA1

cf1bc2cac820b0a37445bbf0ba3dbe703d9e39d1
SHA256

fb4502d6dbd5477989a7f8cc874245c7169db9716d7f1dfca6c36170f2d5b5ae
SHA512

79c979e5e5872a1482d7e0af49de7807046bd0423156f9dac31a94352a165ac29da6edf81ecc54a8ccacc42ac7d8878c82d07581c1ce4541aec1c6080eaaafe8
SSDEEP

768:/YzEI7aYv6N3a5smptK5VX1/fAg8p/t/ctpiaC0ZrG7o:jcaYvEa5Ltaneht/c7vCKrwo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb4502d6dbd5477989a7f8cc874245c7169db9716d7f1dfca6c36170f2d5b5ae

Files

fb4502d6dbd5477989a7f8cc874245c7169db9716d7f1dfca6c36170f2d5b5ae
.exe windows:4 windows x86 arch:x86

8154af1ad3da1ac3c8e822c46a63f919

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
VirtualAlloc
CloseHandle
CreateFileW
DeleteFileW
GetFileSize
GetModuleFileNameW
GetTempPathW
GetCurrentDirectoryW
ReadFile
WriteFile
lstrlenW
lstrcmpW
SleepEx
GetProcAddress
LoadLibraryA

user32

wsprintfW

wininet

InternetOpenW
InternetConnectW
HttpOpenRequestW
HttpSendRequestW
InternetCloseHandle
InternetReadFile

shell32

ShellExecuteW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 970B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ