54d6edaa0c0b1df4cb5109a64b029dbcd0a1349445e0760fdb93d2d637152adb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54d6edaa0c0b1df4cb5109a64b029dbcd0a1349445e0760fdb93d2d637152adb
Size

6.5MB
MD5

9e3902e4091ddba25867c6f3b33dc6b5
SHA1

f895371ab341b2722f8f2e72b16a0dd06372a3bd
SHA256

54d6edaa0c0b1df4cb5109a64b029dbcd0a1349445e0760fdb93d2d637152adb
SHA512

e19463d4e92d4fb0cd26db414137881f1c377f3141cd06699aaf6fdecf0e20e9a7860b5bf37c4fce9e61928c8f1015ff4f893d74d6b0c580f84a0e65b2a13420
SSDEEP

98304:oqSuRas1Iw1z1Aa5+jShllmITRU/KKvIdKki/HiYjhoda11hYFhCoaOQbkEKih:Qub1Iw1v5+urIITq/Edcqrda1EFs7F7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54d6edaa0c0b1df4cb5109a64b029dbcd0a1349445e0760fdb93d2d637152adb

Files

54d6edaa0c0b1df4cb5109a64b029dbcd0a1349445e0760fdb93d2d637152adb
.exe windows:4 windows x86

baa93d47220682c04d92f7797d9224ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpy

comctl32

InitCommonControls

Sections

Size: 4.8MB - Virtual size: 12.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 208KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 4KB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

blbtousm
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

finqbgtu
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE