Static task
static1
Behavioral task
behavioral1
Sample
57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0.exe
Resource
win10v2004-20230221-en
General
-
Target
57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0
-
Size
11KB
-
MD5
55ca0e2b0f7f294c2b0e7c11405d1461
-
SHA1
22766e286fd1f9ef6c66296fe78fe6e1c09dad23
-
SHA256
57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0
-
SHA512
c6a65fc346414a416a7b0794049333ff0aae248f5cec15650fd3e103b3a768713c6d6bb4b4826bf9438db82b8ce7138b2690b1707789e29271fb6d3bc80ec1bf
-
SSDEEP
192:/BAI13NgI5vIQdSg4KKi4RBJyOJX6wjG3g:JzXgI5vHdSg4KORBUOJXdjZ
Malware Config
Signatures
-
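Unsigned PE (1 IoC)
Static check by the sandbox: the PE file has no Authenticode signature. Many legitimate binaries are also unsigned, so on its own this is a weak indicator.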
resource 57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0
Files
-
57e8bd31400835de9a1bbd297f68c3886ca8995e63a15542e9be691c2f2290e0.exe windows x86
d04eb22ecc3967c69a4a99e43533b5dc
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ContinueDebugEvent
CreateFileA
CreateProcessA
ExitProcess
GetFileAttributesA
GetFileSize
GetLastError
GetStartupInfoA
GetStdHandle
GetThreadContext
GlobalAlloc
CloseHandle
ReadFile
ReadProcessMemory
SetFileAttributesA
SetFilePointer
SetLastError
SetThreadContext
WaitForDebugEvent
WriteConsoleA
WriteFile
WriteProcessMemory
lstrlenA
GlobalFree
AllocConsole
user32
wsprintfA
MessageBoxA
comdlg32
GetOpenFileNameA
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 840B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ