5c485cb1fa1a4836d014c32b1ef69790 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c485cb1fa1a4836d014c32b1ef69790
Size

164KB
MD5

5c485cb1fa1a4836d014c32b1ef69790
SHA1

b047efa5373bd6bbef58e37cc437e66a3b75f986
SHA256

dce69db32af58276ec7b58eb78b0072467294ff711b2277ed7aa89600a8265f5
SHA512

124a9ee9703ed7d41515af2702b21884fcdb945c9bcd1b0084b2a69d81d50c795cd0a91d1180c65a179fb74cac89f5192df6b1eff59b080a7dc65c5215083e37
SSDEEP

3072:BYDwsYAYxtewBqAZ5Y/TCHaBKdsm99zfue7CHokd6/YBwQg5PyKZ+saR:BwwsYAYxtewBqGSC6Qn99D/S6V1RZ+hR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c485cb1fa1a4836d014c32b1ef69790

Files

5c485cb1fa1a4836d014c32b1ef69790
.exe windows:4 windows x86 arch:x86

7b03eeb2906106c13d9a241bbf77e54f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

kernel32

CreateFiberEx
IsBadReadPtr
FindResourceW
SetErrorMode
GetLocalTime
LocalAlloc
LCMapStringW
SetThreadAffinityMask
LocalFree
SystemTimeToFileTime
GetCurrentProcess
GetSystemDirectoryW
EnumResourceNamesW
FindNextFileW
GetShortPathNameW
GetStringTypeW
SetEnvironmentVariableW
FreeLibrary
SetThreadPriority
FindClose
FileTimeToLocalFileTime
GetOEMCP
SetCurrentDirectoryW
FileTimeToSystemTime
FindFirstFileW
CompareStringA
LocalFileTimeToFileTime
LoadResource
SearchPathW

user32

UpdateWindow
ReleaseCapture
InvalidateRgn
ValidateRgn
ValidateRect
EnableWindow
IsWindowEnabled
RealGetWindowClassA
DestroyWindow
GetCapture
ExcludeUpdateRgn
SetCapture
FlashWindow
IsWindow
GetUpdateRgn

Sections

.text
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 62KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imul
Size: 512B - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ