fbd88db711b2d5ac57f7e9eea2c10895729e6e629733685b092da62ebf1e24ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fbd88db711b2d5ac57f7e9eea2c10895729e6e629733685b092da62ebf1e24ff
Size

28KB
MD5

6f689d3f39594e687c8adb15768d9b31
SHA1

93e42d3e9ceaf911fdeb0b59144eb32da1e44ef0
SHA256

fbd88db711b2d5ac57f7e9eea2c10895729e6e629733685b092da62ebf1e24ff
SHA512

95ed7cc9787c86d214b6799c17ae3d5a6fe14b0b010b7858c5fe2f81d715a2ceae55bbd2b19e6afecc44fa65fb28206f0275ed67377892e124322375a916c45f
SSDEEP

384:CkCBLdGY2lmwcMaxgR6kAOuhnNpvyxEJ14gC/pPoCK5Ec3Wk97hx7ln:ChR8YsLcQDuR/vyc1bC+3J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fbd88db711b2d5ac57f7e9eea2c10895729e6e629733685b092da62ebf1e24ff

Files

fbd88db711b2d5ac57f7e9eea2c10895729e6e629733685b092da62ebf1e24ff
.exe windows:4 windows x86 arch:x86

7602c04106a0c7a6af949febb6c2a0d8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

oleaut32

VariantTimeToSystemTime

kernel32

LoadLibraryA
GetDateFormatA
GetTimeFormatA
GetLocalTime
GetProcessHeap
GetModuleHandleA
ExitProcess
HeapAlloc
HeapReAlloc
HeapFree
IsBadReadPtr
LocalFree
WideCharToMultiByte
GetCommandLineW
CloseHandle
WriteFile
CreateFileA
GetModuleFileNameA
GetPrivateProfileStringA
FreeLibrary
GetProcAddress
LCMapStringA

msvcrt

modf
__CxxFrameHandler
??3@YAXPAX@Z
??2@YAPAXI@Z
atoi
_ftol
strncpy
strncmp
sprintf
strchr
memmove
malloc
free

user32

wsprintfA
MessageBoxA

shell32

CommandLineToArgvW

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE