57ab6399ea9bd3307a3d5dc5a7bfa1fe0d143ab2027e5c314ea9bf118886d842 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57ab6399ea9bd3307a3d5dc5a7bfa1fe0d143ab2027e5c314ea9bf118886d842
Size

7KB
MD5

986f66c46714eb721c2cf11c71bb1ab6
SHA1

351f6024292695050e94f62329ab13d9419ebda6
SHA256

57ab6399ea9bd3307a3d5dc5a7bfa1fe0d143ab2027e5c314ea9bf118886d842
SHA512

ce38367b14add9e9dbdb3198b1144c16d71dfbb77dce87f9b86caef96d3faf40321514b77e9d982f199de9b5919d1ed9eae6fd995a9790b90f6b673b112b255c
SSDEEP

96:wfCXv8+HTT7PTy5M1m/HHkxQ0XCq3gv9whDKMkBcSZ:dUATTTgExQ0yMgv6DKMkBcSZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57ab6399ea9bd3307a3d5dc5a7bfa1fe0d143ab2027e5c314ea9bf118886d842

Files

57ab6399ea9bd3307a3d5dc5a7bfa1fe0d143ab2027e5c314ea9bf118886d842
.exe windows:6 windows x64

db89a838020511385615ce9d9255f445

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

user32

CreateWindowExW
ShowWindow
UpdateWindow
DialogBoxParamW
RegisterClassExW
BeginPaint
EndPaint
DestroyWindow
DefWindowProcW
EndDialog
LoadCursorW
LoadIconW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
GetMessageW
LoadAcceleratorsW
PostQuitMessage
LoadStringW

kernel32

GetCurrentProcess
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlVirtualUnwind
RtlLookupFunctionEntry
RtlCaptureContext
IsProcessorFeaturePresent
TerminateProcess

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 512B - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ