05dc3b0bab58e7a38d05020e9a136aef | Triage

Sharing

General

Target

05dc3b0bab58e7a38d05020e9a136aef
Size

78KB
MD5

05dc3b0bab58e7a38d05020e9a136aef
SHA1

72c64b39b1039401802633e5c538e15ca7ffc84f
SHA256

14df6ca7b3209738b5797b26f23d9ba067abf364bc4ec95c068d8a96a81d6c27
SHA512

448fbc02ba4f44d5cad1b512638469bf20955c7f4905599cec444210613148528bee0ac5668ffb48ed8175b7e14b0f6ae0e0d9a89ea7d8495c3c8cea2276ce3c
SSDEEP

384:erhMCXuEt1LP5Ndi+3f5kOxHrIv5RI0qSVseVsb+L5Zk:erVjLP5Nd3zxARI09qPbu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05dc3b0bab58e7a38d05020e9a136aef

Files

05dc3b0bab58e7a38d05020e9a136aef
.exe windows:1 windows x86 arch:x86

e95c56ba5b13e8c0717199a13a38b879

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

MessageBoxA

kernel32

OpenFile
ReadFile
ExitProcess
CloseHandle

Sections

CODE
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE