fb4c1dbe65d6ddd3bec6dd26552c4a07afebf8c0219e75ff7cc81297ba3d460a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fb4c1dbe65d6ddd3bec6dd26552c4a07afebf8c0219e75ff7cc81297ba3d460a
Size

23KB
MD5

b535990e522deee1219206b9862df4b3
SHA1

a33c00dbcef898438432f16160efa85447c712c9
SHA256

fb4c1dbe65d6ddd3bec6dd26552c4a07afebf8c0219e75ff7cc81297ba3d460a
SHA512

a363df416983705aa7856d9e5b6e1d187c9bee675916b27f2b06bae2e17abbdf6cdf3f25edf5233013a63a45affc83ff89dfaf1a9e006d5912b48272862773e7
SSDEEP

192:aEziYIk7VQ5ANWF5shCC0dbYzfmuPMoDlUvDje2A2z4puuLTEef3sfrpEBgOWta3:aENVb0db0+69lCS2N4pkGk3I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb4c1dbe65d6ddd3bec6dd26552c4a07afebf8c0219e75ff7cc81297ba3d460a

Files

fb4c1dbe65d6ddd3bec6dd26552c4a07afebf8c0219e75ff7cc81297ba3d460a
.exe windows:4 windows x86 arch:x86

e74c31d11e7570d6571da70016af25f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DefWindowProcW
PostQuitMessage
SendMessageW
CreateWindowExW
ShowWindow
UpdateWindow
LoadCursorA
LoadIconA
RegisterClassExW
LoadStringA
GetMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
DestroyWindow
LoadAcceleratorsW

kernel32

GetModuleHandleA
ExitProcess
GetCommandLineA
HeapAlloc
GetProcessHeap
lstrcpynW
CloseHandle
GetStartupInfoA
ReadFile
CreateFileMappingW

comctl32

InitCommonControlsEx

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 1002B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ