e5ca93e74b05d3bceff5bc61a3321828c44e0ec92f1592eaafd661bf4d67ff1f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e5ca93e74b05d3bceff5bc61a3321828c44e0ec92f1592eaafd661bf4d67ff1f
Size

941KB
MD5

cc4c283dd1dd023637e858c7e3dd0835
SHA1

55beabb3589ace897c355517d30f84adf698aef9
SHA256

e5ca93e74b05d3bceff5bc61a3321828c44e0ec92f1592eaafd661bf4d67ff1f
SHA512

4f6b33b7dc736c9b6e9ef25014e15fc64a2e173f0faf8b174711c4600d55df0d6a857af995bad5202d3d9d07befb4a33e6ff236aa9733a21429a45cfff426a27
SSDEEP

24576:8/+VMAMXtl0ExzhSfSu5kAnD0j8PhmmZzDy9hxiK+MQZwVzA:8/GIr0Exd+ND5h/5DyEK+sVzA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e5ca93e74b05d3bceff5bc61a3321828c44e0ec92f1592eaafd661bf4d67ff1f

Files

e5ca93e74b05d3bceff5bc61a3321828c44e0ec92f1592eaafd661bf4d67ff1f
.exe windows x86

6e36a62616bc8778c4d71d9078e973d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

cbser

YunXing

Sections

CODE
Size: 139KB - Virtual size: 408KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE