0400000655529c458f52e88a85a2252b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0400000655529c458f52e88a85a2252b
Size

128KB
MD5

0400000655529c458f52e88a85a2252b
SHA1

128cf097a476febe03b981cc75a5f05169eccfff
SHA256

e71a1c13a8817a76dc192df71f8fe948e5e26374cb9c58624b12ccbb8df3130c
SHA512

eb451ec2fa5bc5170f0b2b8d04a5f1f11252c22352537ae999e4592ee1f9e7d1e20fb654151c869287437b4c365aa7c8c60469a9c4c84f881c5d34b1e19214b2
SSDEEP

1536:l6mtDYf8EdAwno/SKzf6CTJnGp3X/YbY5iAbGp4OP+Y/WOkqeogumfkDpI:AgDo8MnL2Jnuwbw9yp4fOkquuwkK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0400000655529c458f52e88a85a2252b

Files

0400000655529c458f52e88a85a2252b
.exe windows:4 windows x86 arch:x86

3c951b4af087e1cdbf6701a9f9908e80

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVolumePathNamesForVolumeNameA
GetCommState
GetModuleHandleA
FindAtomA
CloseHandle
EnterCriticalSection
GetTapeStatus
FormatMessageA
GetUserDefaultLangID
GlobalFree
ExitProcess
CreateHardLinkA
CreateJobSet
GlobalLock
VirtualAlloc
GetStdHandle
GetProcessHeap
ClearCommBreak
GetProfileStringA
GetOEMCP
GlobalFlags

user32

GetWindowTextLengthA
EndPaint
ReleaseDC
ValidateRect
GetParent
RegisterClassA
ShowWindow
GetClassNameA
GetForegroundWindow
GetClassInfoExA
IsIconic
GetActiveWindow
CloseWindow
GetFocus
GetWindowTextA
GetDC
BeginPaint
DrawEdge
GetWindow

wsock32

WSAGetLastError
WSAAsyncSelect
WSAIsBlocking
WSACleanup
WSAStartup

lpk

LpkInitialize

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ