56e86c7f8dbf39ded2224ebae0ec47e5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56e86c7f8dbf39ded2224ebae0ec47e5
Size

170KB
MD5

56e86c7f8dbf39ded2224ebae0ec47e5
SHA1

1f9035a3a5a27e141afef88350e210f10388f1e8
SHA256

51ee471ed105765b865c7a8c803e2b7c2450c1b24f3372aa3c1503fcabf0bb42
SHA512

0032f2b77567cf2427a0192b16e1c2a2309a0a34342ed4a66cc0306df1f1f773122980b5ff9bebe4dbd4a9868d5593628e9dde414781d52170f5ae9473c2ddde
SSDEEP

3072:vsc9xWzi9GKHscTpcy2VB652L4Ul3zLH1wOMkbw5Dr0tgBPe9cArNE:txRw4seqB68L4UpTMkbw5DrCgBGyUNE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56e86c7f8dbf39ded2224ebae0ec47e5

Files

56e86c7f8dbf39ded2224ebae0ec47e5
.exe windows:5 windows x86 arch:x86

1a16cce976f5e69b8ab1b65a32f63bb9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsCharAlphaW
IsWindowEnabled
GetDlgItemTextA
SetWindowRgn
FillRect
DrawStateA
IntersectRect
SetWindowTextA

msvcrt

_cexit
setvbuf
_exit
time
__p__fmode
__setusermatherr
_XcptFilter
swprintf
__p__commode
__set_app_type
_controlfp
_initterm
_ismbblead
towlower
exit
_amsg_exit
__getmainargs

kernel32

GetNumberFormatA
GetTimeFormatW
GetTempPathA
FindFirstFileW
VirtualProtect
GetHandleInformation

gdi32

GetBkColor

Exports

Exports

_AttachThreadInputAttachThreadInput@0
_AttachThreadInputAttachThreadInputAttachThreadInputAttachThreadInput@0

Sections

.text
Size: 146KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.txtdat
Size: 1024B - Virtual size: 691B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ