54f6b8f31fd901162e958cf0da27913c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54f6b8f31fd901162e958cf0da27913c
Size

214KB
MD5

54f6b8f31fd901162e958cf0da27913c
SHA1

e28c8e099be3e210d2a02cf1841c105cfc313e31
SHA256

c188c424a447b4062169330dc654da411317d260614deef5c2718a7b9eaad20c
SHA512

e8a47704da613590cb8fb9f02a56550726a02705ce94cad279917e9b53943201dace4f97a4279c648337c3412c8f6c2bc7585188b36599c9a704055f8f77dd48
SSDEEP

3072:KgiPulgzZm2aRCRpwxGDSUN2R4pM4zAQixsc3d9mJaaZwGPYqI027zQ17dqfG8t2:FiPoP28Qp8Gi4pMvgISgqIfza0Owl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54f6b8f31fd901162e958cf0da27913c

Files

54f6b8f31fd901162e958cf0da27913c
.dll windows:4 windows x86 arch:x86

d8da89c2c001ebcb32f51a11ee8b71e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineW
VirtualAlloc
LocalAlloc
lstrlenA
LoadLibraryExA
VirtualAllocEx
GetACP
GetCurrentThreadId
EnumCalendarInfoA
GetOEMCP
GetCommandLineA
DeleteCriticalSection
GetProcAddress
GetDiskFreeSpaceA
ExitProcess
HeapDestroy
GlobalDeleteAtom
GetModuleHandleA
CreateEventA

Sections

.text
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.fdata
Size: 2KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ddata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ