5e90c8b65e8af0811479748c233098c2 | Triage

Sharing

General

Target

5e90c8b65e8af0811479748c233098c2
Size

436KB
MD5

5e90c8b65e8af0811479748c233098c2
SHA1

cf8cab7fe45386d3b95356bf39131f945a5d8f6b
SHA256

e50af8cd5170d303a61bc7fd7d0188a5606eefa37d1be47020f53de796c67e29
SHA512

edf7c9696885ecd5abeaba8afcaa9cfd137bcff59f9df7c3432c3baae629580078d53b9cc3654aab3b4a6e24c5a588c81c0b90767a7c729eab35fd874bebe298
SSDEEP

6144:/7Lo3X9VkCzKhCOKXc2469qRlV6o/BQMr//Xz3IVn5xn/6f/zYECocTte0M:3o3NuCUZs4boo5Qej4FLyCocRY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e90c8b65e8af0811479748c233098c2

Files

5e90c8b65e8af0811479748c233098c2
.exe windows:4 windows x86 arch:x86

eb9b7d28d2ebaa86aaed182629a5d661

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CoInitializeEx
CoCreateInstance
CoUninitialize

atl

AtlAdvise

esent

JetOpenFile

kernel32

VirtualAlloc
GetLastError

wmi

OpenTraceW

user32

EnumPropsA
DlgDirListComboBoxW

dnsapi

DnsReplaceRecordSetW

Sections

.text
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 592B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 57KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 287KB - Virtual size: 286KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ