5906b0439b3d8c95968aaa31440170f5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5906b0439b3d8c95968aaa31440170f5
Size

76KB
MD5

5906b0439b3d8c95968aaa31440170f5
SHA1

666ec7b4bc25ea39fca6855250ff4510e9e9271d
SHA256

52dda27ab3dfe3c548b5b7b5dd9a8ffb9a74c8f3c8aa75d81cd3adf09d8e0b14
SHA512

8a1e7ff39df2dab1dcb4865ab0932ca1936098cb69a26b5d088724627cc23cd82ac0c3e3dda139bb9da419882f2838cbd7ff109e0c791759ef28fc84f6a8e6c3
SSDEEP

1536:3f78sdlkSoxbk++dXDHU+YwQLgIjm/j+FT5wGXzXKtf5UNZW9BIy35eY+4cmsKnP:3PdP9o8nvfpcIXb2d3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5906b0439b3d8c95968aaa31440170f5

Files

5906b0439b3d8c95968aaa31440170f5
.exe windows:5 windows x86 arch:x86

610fe6532da5250e92f0b58078e6a242

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadWritePtr
RemoveDirectoryA
SetVolumeLabelA
SetEndOfFile
FatalExit
CloseHandle
RemoveDirectoryA
FindClose
GetCommandLineA
GetModuleHandleA
GetDriveTypeW
FindAtomA
CreateDirectoryA
CreatePipe
GetModuleFileNameA
GetFileType
WriteFile
WaitForMultipleObjects
DeleteAtom
HeapCreate
GetCurrentThreadId
HeapFree
AddAtomA
CreateSemaphoreA
ClearCommBreak

cryptui

DllUnregisterServer
CryptUIWizExport
CryptUIStartCertMgr
CryptUIDlgFreeCAContext
LocalEnrollNoDS
WizardFree
LocalEnroll
CryptUIWizBuildCTL
CryptUIWizImport
CryptUIWizDigitalSign
CryptUIDlgViewContext
WizardFree
DllRegisterServer

mgmtapi

SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl
SnmpMgrCtl

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE