53b059414837efb8fd09f76396a88ef6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53b059414837efb8fd09f76396a88ef6
Size

109KB
MD5

53b059414837efb8fd09f76396a88ef6
SHA1

ad8cbc1c8958f4367c2f855a232c7206904a011b
SHA256

75e266f412e7d0a758f2a49a546ac60f90edd4d1fbb23bddb92e969a27975eaa
SHA512

9bebf85353cdb5f5f559badd9dbedc0b95b57214f21ef8cd70cd46a371e73983c93ac042f2be779349c6ec1d1ff7aa43122b904d4b41ab697458c29212e84681
SSDEEP

3072:UoK5674RrBQ+2mM6jOfOsv1iC+VqomRvxhAUoPVMvkVd06vD4E:xx+YHJ1qV6kVdt4E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53b059414837efb8fd09f76396a88ef6

Files

53b059414837efb8fd09f76396a88ef6
.exe windows:4 windows x86 arch:x86

6d0641dea5f3f429f80b857bf31d28ce

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesExA
Sleep
HeapDestroy
HeapFree
QueryPerformanceCounter
HeapCreate
HeapAlloc
GetProcessHeap
CloseHandle
ReadFile
SetFilePointer
CreateFileA
ExitProcess
GetModuleFileNameA
GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualFree
IsBadReadPtr
lstrcmpiA
FreeLibrary
GetStartupInfoA
GetModuleHandleA
HeapReAlloc
GetCommandLineA

user32

wvsprintfA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE