0543880d802cb6dc6d3a8cfec9360ee8 | Triage

Sharing

General

Target

0543880d802cb6dc6d3a8cfec9360ee8
Size

330KB
MD5

0543880d802cb6dc6d3a8cfec9360ee8
SHA1

74267398014bab1fcf795fbce68d74c9309b7bbd
SHA256

e6efcaf0fe238a40796549c789dd033b183e31338bfef0499c3c467663beed35
SHA512

536f8c2e6ec0312a97119150416f4c8fa9d7b12765379b5764f79e790a5518d2cde428dac70d007bdd7a2378aacaf6ca966f3d88e00a9d089a9336882743f329
SSDEEP

6144:l3iJKXzL5vOTiIIWPkHHScTXuXY6ZzIqQFM1TAP4ClREfJo4SKb3gxqF72:hOKNOT5PmDIpZsqNNAP4ClREZNb3OqY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0543880d802cb6dc6d3a8cfec9360ee8

Files

0543880d802cb6dc6d3a8cfec9360ee8
.exe windows:4 windows x86 arch:x86

c7159bd3a8db4cc8f502716fe4903054

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetAtomNameA
HeapReAlloc
WaitForSingleObject
GetModuleHandleA
GetVersion
GetStdHandle
GlobalUnlock
WaitForMultipleObjects
GetSystemDefaultLangID
GetTickCount
CompareFileTime
InterlockedExchange
SetConsoleCP
HeapCreate
LoadLibraryExA
GetCommandLineA
CloseHandle
lstrlenA
VirtualProtect
SuspendThread
GetConsoleCP

user32

CopyImage
GetCursorInfo
DrawCaption
FindWindowA
CreateMenu
DragObject
SetPropA
SetWindowPos
CreateIcon
DispatchMessageA
EnableScrollBar
IsDialogMessage
DialogBoxParamA
FillRect
GetKeyboardLayout
DestroyMenu
SetScrollInfo
InvertRect
GetKeyState
InsertMenuA
GetDlgItem

advapi32

RegCloseKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyA
RegCreateKeyExA

apphelp

ApphelpCheckExe

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 744KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ