58c1de984a9fc06a75f7ca1b46a765dc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58c1de984a9fc06a75f7ca1b46a765dc
Size

23KB
MD5

58c1de984a9fc06a75f7ca1b46a765dc
SHA1

4132e32621a9e8204df3990d5f135732ea1c5843
SHA256

28b0d25b80a02951610f47d246ab27dd70904acee739d908fbfdff4900b97cac
SHA512

b81dfbd94bdfb11bcb18f518ee4e43a6fd7c484e52c6b30d67a6da4bcaed55765cef88bb8ec19e6ea14d9cae40732963e3c1183bc19a2751bd390a4d17399fdc
SSDEEP

384:s8p6C7LAwcxuFDoBCZI3RItjhWAvSR0PGGmPmyRgdL3Oeb9OdWtag:tLADWKCS3atNWAvQ07mPmyJebSWtag

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58c1de984a9fc06a75f7ca1b46a765dc

Files

58c1de984a9fc06a75f7ca1b46a765dc
.exe windows:4 windows x86 arch:x86

470b20a3df3c5ade0bafefeaed636e12

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

_except_handler3

kernel32

lstrlenA
ExitProcess
WaitForSingleObject
CreateThread
lstrcatA
lstrcmpA
GetLastError
CreateMutexA
lstrcpyA
GetModuleFileNameA
GetProcAddress
LoadLibraryA
GetCommandLineA
WriteProcessMemory
lstrlenW
GetModuleFileNameW
Sleep
ReadProcessMemory
GetModuleHandleA
GetCurrentProcess
IsDebuggerPresent
CloseHandle
ReadConsoleA
HeapFree
GetEnvironmentVariableA
HeapAlloc
GetStartupInfoA
GetProcessHeap
lstrcmpiA

user32

DefWindowProcA
GetMessageA
DestroyIcon
DispatchMessageA
CreateWindowExA
GetWindowLongA
MessageBoxW
MessageBoxA
UpdateWindow
InsertMenuA

gdi32

CreateDIBitmap

shell32

Shell_NotifyIconA

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ