5955fb73539a52be1985cbfeaa6c3673 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5955fb73539a52be1985cbfeaa6c3673
Size

859KB
MD5

5955fb73539a52be1985cbfeaa6c3673
SHA1

60ff179b0726e7606bc59cd0befe2dbb947980dd
SHA256

8ec3c3d8339a1625c633f5cda8e58a580c3078aeba723a98783309c31ceaaf07
SHA512

cb9e2da11fbdedcb3565746c65bff7e0d37036e33891f7c3d0c1d3d7b534e86d664a0b49c2242fbe835eaaa24773837359330f1f50985bb84241569b2d34fe4f
SSDEEP

12288:a9xXuIxpi3Cs8prvafNNNCyBano36GVly6UI7WhHJVAKPoS05yoMA9:qZK3CsYDeNso36GVlyLIwpVHoTL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5955fb73539a52be1985cbfeaa6c3673

Files

5955fb73539a52be1985cbfeaa6c3673
.exe windows:4 windows x86 arch:x86

c36fa526af2e28249983170f46a4b4d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
FindAtomA
GetPriorityClass
SuspendThread
CreateMailslotA
IsBadCodePtr
HeapCreate
GetModuleFileNameA
ReadFile
DeleteFileA
CloseHandle
EnterCriticalSection
GetProcessTimes
GetFileAttributesA
DeleteAtom
GetModuleHandleA
GetPrivateProfileStringW
GlobalFree
GetCurrentProcessId
HeapDestroy

user32

DispatchMessageA
GetKeyState
GetSysColor
GetWindowInfo
GetClassInfoA
GetWindowLongA
GetKeyboardType
DrawTextW
DispatchMessageA
IsWindow
GetClientRect
SetFocus
CallWindowProcW

fwcfg

InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll
InitHelperDll

appwiz.cpl

ConfigStartMenu

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 849KB - Virtual size: 848KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ