05e937b9759a2bb73d58fe261ba8cb8b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05e937b9759a2bb73d58fe261ba8cb8b
Size

88KB
MD5

05e937b9759a2bb73d58fe261ba8cb8b
SHA1

86aa9d7eedab695ce6472fa64a8c675067cc4e37
SHA256

44afa431a5090f42234e51b661db5c2d2ff705290533abec47d726ee435680ac
SHA512

b49cb9e5431a21092bb08ca48c617700e7a031f690c189af71d5be13b99ac815a36705c5fe2730489364be1121759c273394db705775449937c73046fddc0812
SSDEEP

1536:oOUGCCdVuUB24Ngwy6SogaaQg2Wz+ZWf09rhT:DrCCuS24NfyogaaQdWzuWf09

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05e937b9759a2bb73d58fe261ba8cb8b

Files

05e937b9759a2bb73d58fe261ba8cb8b
.exe windows:4 windows x86 arch:x86

3fc6d984153cc5d056693dd55ac073d9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
TlsGetValue
FreeConsole
LoadLibraryExA
FindClose
GetModuleHandleA
Sleep
GetDriveTypeW
EnumResourceTypesA
DeleteCriticalSection
VirtualProtect
PulseEvent
CloseHandle
LocalFree
GetDiskFreeSpaceExW
SetLastError
GetDateFormatA
GetCommandLineA
IsBadCodePtr
IsBadReadPtr

shell32

DragFinish
DuplicateIcon
DragQueryFileA
SHGetSettings
SHFree
DragAcceptFiles
ShellMessageBoxA
SHGetDiskFreeSpaceA
ShellAboutA
StrChrA
SHGetMalloc
DllUnregisterServer
ExtractIconA

msasn1

ASN1BERDecCheck
ASN1BERDecBool
ASN1BERDecFlush
ASN1BERDecEoid
ASN1BERDecDouble

advapi32

RegCloseKey

Sections

.text
Size: 1024B - Virtual size: 632B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 82KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vuhejfg
Size: - Virtual size: 6KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE