05b72d1ac5f1b261548b0e067ab0fe6a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05b72d1ac5f1b261548b0e067ab0fe6a
Size

25KB
MD5

05b72d1ac5f1b261548b0e067ab0fe6a
SHA1

5de8285c08c7554dc0777ba3fbbf21ec0819cb1d
SHA256

86287c66f1d924f1655c8f8ce62fceb5ac5b27e981c6f83b3f2746840c52d199
SHA512

7d7af45eeda3ac62b85f38f58567b8f968db84d3b34ff774097dbbc8613d190630ea7055e98746afa4a38c063d4f688908bb9d1201fe0b12c050d5e6f44842ea
SSDEEP

384:UrlLQQ1yzkVBGP4yKBddbPARWy6YgOUeV7DUkpBPhcu/8mO1Y8b4vfgzs+doJR:Umsd4w/x8vbNjhT8FWTfyhe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05b72d1ac5f1b261548b0e067ab0fe6a

Files

05b72d1ac5f1b261548b0e067ab0fe6a
.exe windows:4 windows x86 arch:x86

47582212f8d010abc4ff3aae8d5e2d6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetDefaultCommConfigA
TerminateJobObject
GetVolumePathNamesForVolumeNameW
ReadConsoleInputW
GetCPInfo
BaseCleanupAppcompatCache
IsDBCSLeadByte
QueryActCtxW
Thread32Next
GetNumberOfConsoleFonts
VirtualLock
SetLastError

user32

DdeReconnect
SetScrollPos
GetReasonTitleFromReasonCode
UnregisterDeviceNotification
BlockInput
DefDlgProcA
ResolveDesktopForWOW
RealChildWindowFromPoint
AnyPopup
CreateWindowExW
GetUserObjectInformationA
UnhookWindowsHook
ScrollWindow

Sections

.text
Size: 22KB - Virtual size: 24KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ