5b05ef548b84e6ae341a2047302e286c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b05ef548b84e6ae341a2047302e286c
Size

47KB
MD5

5b05ef548b84e6ae341a2047302e286c
SHA1

4b73c4892392a8f6bd1a2ab4e51c91253f1a233c
SHA256

c6141b5e5c060dcbade6b796089d47aad68b064394be12639968df8fc22f7a4c
SHA512

8e210a94672368c4d5bbd774081a9e7cc775e5d3a27159cc902956700149cebf5f34be6a89f35e79458480dd92c4c80d64bc3577371a679db2e366b24db4f316
SSDEEP

768:TRxKxci9AGgL6ZDEkmNY6E6n+q4YIqT3GbFF8E0yyLvwvuX:TRx3L7vN+6+vYNT3IgyyLYvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b05ef548b84e6ae341a2047302e286c

Files

5b05ef548b84e6ae341a2047302e286c
.exe windows:4 windows x86 arch:x86

1900879c98b4a96d399d6ce626330c68

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

urlmon

URLDownloadToFileA

shell32

ShellExecuteA

Sections

CODE
Size: 18KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE