54708289a5a90b6c9c34f3b035773499 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54708289a5a90b6c9c34f3b035773499
Size

803KB
MD5

54708289a5a90b6c9c34f3b035773499
SHA1

42d785ccc7d42c6d76ada9100b4caf8683ec8751
SHA256

202f482cd7745fc5fa31470d9809e87201df12afd2df071fdeec078874a69ce7
SHA512

959f08580af55e7ef16a719dd95e749d60883b46615ea3c0fb4b197d0259d679af2327644e588e2b9d53b5641da27275ee898ff9879b0d73daa102e8c45967d6
SSDEEP

24576:KQXZtsczB4QpFYiLHeWtj6DRBIa11BilWwNh:KkZtscNVbY8XV69BIYQ0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54708289a5a90b6c9c34f3b035773499

Files

54708289a5a90b6c9c34f3b035773499
.exe windows:5 windows x86 arch:x86

bb3972d439a1e1c3b0aa2f95f57551b1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteFileW
GetCurrentThreadId
VirtualProtectEx
HeapDestroy
GetFileAttributesA
FindAtomW
SetFileTime
GetProcessVersion
GetTickCount
InterlockedExchange
CreateFileW
CreateFileW
OpenEventW
GlobalFlags
SetFilePointer
GetModuleHandleA
PulseEvent
OpenMutexA
CreateDirectoryA
GetDriveTypeW
GetConsoleMode
GetModuleFileNameA
LeaveCriticalSection
GetVolumePathNameA
DeleteFileW

user32

SetFocus
PeekMessageA
LoadCursorA
MessageBoxA
GetWindowLongA
wsprintfA
GetWindowLongA
SetRect
DestroyIcon
IsMenu
GetWindowTextA
DestroyMenu
DispatchMessageA

dot3msm

DllMain
Dot3MsmFreeProfile
Dot3MsmDeInit
Dot3MsmDisconnect

advapi32

IsValidAcl

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 793KB - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE