534571e3bf668aab67bba5750d40426f | Triage

Sharing

General

Target

534571e3bf668aab67bba5750d40426f
Size

62KB
MD5

534571e3bf668aab67bba5750d40426f
SHA1

c4ae47bdc66884e500c883d60da00a921fbfc241
SHA256

42d5900511cb18ddaf41824873988ceb31a61c66a476a40001acbd9a7590fd2c
SHA512

0de3f91b121fe6fc947169457827c4fe9f0c4d08584d34e59512321a40a2d289886a097758ba8663c772125e7d33bfaa83da1732f2acecc5fc98ae0eb5f1976c
SSDEEP

768:tKe8/hAbuN+XJQ2YEBwKtWch+vkH1JYkyEGMAxV81FVTs+n11g8svb:wnAbekJQ2dfh+6TE7MWiTDnngrvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
534571e3bf668aab67bba5750d40426f

Files

534571e3bf668aab67bba5750d40426f
.exe windows:4 windows x86 arch:x86

fde6f03eafba15fb28fc4203ec81515b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeFormatA
GetStartupInfoA
CreateEventA
VirtualQuery
lstrlenA
FindResourceW
GetCommandLineA
HeapDestroy
CloseHandle
Sleep
TlsGetValue
GetCommandLineA
HeapCreate
GetEnvironmentVariableA
GetModuleHandleA
ResetEvent
GetVolumePathNameA
CloseHandle
DeleteFileW
CancelIo

user32

IsZoomed
FindWindowA
GetWindowLongA
DispatchMessageA
IsWindow
GetSysColor
DispatchMessageA
GetClassInfoA
CreateIcon
DestroyMenu
DrawTextW
CallWindowProcA
PeekMessageA

psbase

SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype
SPDeleteSubtype

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

pzojboo
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE