b06d50d8e7adc76b7e9af46f837054feff493ba3929d5e5172a48686811d1e9eN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b06d50d8e7adc76b7e9af46f837054feff493ba3929d5e5172a48686811d1e9eN
Size

342KB
MD5

f1c2fc8f7b45cfab95a641ae97b4d620
SHA1

b2c145fcf013fcecc8ba771045c269daf3ee38a1
SHA256

b06d50d8e7adc76b7e9af46f837054feff493ba3929d5e5172a48686811d1e9e
SHA512

869e68a6d238c14804b33a99cfb75ffd85afa6a6370bf712a5f1f124ff5e2a506b38a7676af14571ff0f8ca6d1605882108c729d0b10bcc1a28c46f138110ef7
SSDEEP

6144:YZtTLcSj5PSXyggMfOLRTYO+9wTLfdvyhEwFUsjRLTt+/1Hf9:gFhgh2R8O+yFqpLh+d/9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b06d50d8e7adc76b7e9af46f837054feff493ba3929d5e5172a48686811d1e9eN

Files

b06d50d8e7adc76b7e9af46f837054feff493ba3929d5e5172a48686811d1e9eN
.exe windows:4 windows x86 arch:x86

af6b17b1b45f73fe913e2aec7bcff3f6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetConsoleCP
GetStdHandle
GetLastError
CreateMailslotA
GetACP
CloseHandle
GlobalLock
CreateEventA
LocalFree
FreeEnvironmentStringsA
GlobalUnlock
CreateFileA
IsDebuggerPresent
FindClose
IsBadReadPtr
HeapCreate
lstrlenA
CreateFileMappingA
GetModuleHandleA
LoadLibraryExA

user32

GetMessageA
SetFocus
EndDialog
DialogBoxParamA
IsMenu
CheckMenuItem
DispatchMessageA
GetIconInfo
GetDlgItemTextA
RedrawWindow
GetDlgItem
GetListBoxInfo
GetParent
DrawIconEx

apphelp

SdbFindFirstTag
SdbCloseDatabase
ApphelpShowDialog
SdbFreeFlagInfo
ApphelpCheckRunApp

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ