5b9fa5b48a34e19938842b649f752d72 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b9fa5b48a34e19938842b649f752d72
Size

748KB
MD5

5b9fa5b48a34e19938842b649f752d72
SHA1

6a125343ed873932ea5f0df49cc95b2813e07c95
SHA256

8fd1260be70863bd4805af4cf2f5f20817da37c713162db28c4f01bfe8d87cc4
SHA512

58edcb868584e9a21acc19b17fe667a5b8db95db61f8afddc30bc8f01233d342c696e990869b0730dd535888053bb13f940d1e15f43e0e6ec446e35465a41d83
SSDEEP

12288:iHSp9N63C5JBadzQRU8KCk5ADKCqmt63D/V1ZXzGaJBiKeJ7/HiFBSW7YD27/s:IS9N6S+zQCnnmOq0D/V3D5BTe1/C//B

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b9fa5b48a34e19938842b649f752d72

Files

5b9fa5b48a34e19938842b649f752d72
.exe windows:5 windows x86 arch:x86

391351e58913346832da441f15096fa4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForMultipleObjects
GetModuleFileNameA
GetCommandLineA
HeapFree
lstrlenA
CreateSemaphoreA
GetFileTime
FindClose
IsBadReadPtr
LocalSize
ExitThread
FindVolumeClose
GetCurrentDirectoryW
GetModuleHandleA
VirtualQuery
GetDriveTypeA
GetCurrentThreadId
CancelIo
GetFileType
HeapCreate
CloseHandle
FindVolumeClose
CreateDirectoryA
GetFileAttributesA
WriteFile

uxtheme

IsThemeActive
GetThemeSysSize
DrawThemeBackground
GetThemeColor
GetWindowTheme
SetWindowTheme
CloseThemeData
DrawThemeEdge
GetThemeTextMetrics
CloseThemeData
GetThemeBool
OpenThemeData
GetThemeTextExtent

fmifs

Extend
Extend
Extend
Extend

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 740KB - Virtual size: 740KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE