Static task: static1
Behavioral task: behavioral1
Sample: 5a14be95e861549f6faf14d16f6d1142.exe
Resource: win7-20231129-en
Behavioral task: behavioral2
Sample: 5a14be95e861549f6faf14d16f6d1142.exe
Resource: win10v2004-20231222-en
General
Target: 5a14be95e861549f6faf14d16f6d1142
Size: 124KB
MD5: 5a14be95e861549f6faf14d16f6d1142
SHA1: 972168b6a209e644e2c5dd752fecc6eb11e69e54
SHA256: 36ec134e86543e360fd10d389e6990862b79bb83f5dd09dfc9ca2aaa913628f9
SHA512: f2b9ef8ce6e9d3cb95688da138c8825ecb849b0eca933be97a8cf5d717e703963a9ebde4541c2c02db6b23ea821c398da48454afe27965a2aeb6d06973105ec4
SSDEEP: 3072:RB6dFxMXhdJ2+CxktelRV0vb0+Xs8yOebhSMHI+:WjxEx2+TteKa8RshHI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a14be95e861549f6faf14d16f6d1142
Files
5a14be95e861549f6faf14d16f6d1142.exe windows:4 windows x86 arch:x86
b650d219ea962e51e67223ead1b7fa75
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
  CreateThread
  ExitProcess
  ExitThread
  FindFirstFileA
  GetACP
  GetCommandLineA
  GetCurrentProcessId
  GetCurrentThreadId
  GetDateFormatA
  GetModuleHandleA
  GetStartupInfoA
  GetStringTypeW
  GetSystemTimeAsFileTime
  GetTickCount
  GlobalUnlock
  InterlockedIncrement
  IsBadReadPtr
  IsBadStringPtrA
  LoadLibraryA
  QueryPerformanceCounter
  SetErrorMode
  SetUnhandledExceptionFilter
  VirtualAlloc
  VirtualProtect
msvcrt
  strstr
  strncmp
  atoi
  strcmp
  fwrite
  wcschr
user32
  ModifyMenuA
  GetWindowTextA
  DrawIconEx
  DrawTextA
comctl32
  GetEffectiveClientRect
  InitCommonControls
  ShowHideMenuCtl
  CreateToolbarEx
Sections
.text Size: 69KB - Virtual size: 72KB
  IMAGE_SCN_CNT_CODE
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
.rdata Size: 25KB - Virtual size: 28KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
.data Size: 11KB - Virtual size: 12KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ