5eef3570ac90220b27e2f97b63601c9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5eef3570ac90220b27e2f97b63601c9f
Size

636KB
MD5

5eef3570ac90220b27e2f97b63601c9f
SHA1

62466f2e1b60e22af9b6e36b4b210250457fe112
SHA256

ddb3a87dcae81d51a22c3abfb2108755a4b5b9b372fd15d34bcbaacc4c13c7ae
SHA512

81f3d4e024485fa2bbb036a18671f1b45fb3a430dc3bfe30804f178b1d9ee0ca7bde2b39a348f3613a30edf8685abb72c2aad362469edf3241f19812af4b9df1
SSDEEP

12288:EXh9mB+K/g9xb9B5YqIizD9NT/BbgyyEFf5/knBUetEmh8i8yxwvSK4tFa96s:ER9mB+D7bj5rIitNbBTfayOtwvb4tFFs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5eef3570ac90220b27e2f97b63601c9f

Files

5eef3570ac90220b27e2f97b63601c9f
.exe windows:4 windows x86 arch:x86

0ae9dd11a425d86758df20aeaeca8f5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetProcessVersion
VirtualProtect
HeapDestroy
GetEnvironmentStringsA
GlobalMemoryStatus
LoadLibraryExA
WaitForSingleObject
IsDebuggerPresent
InterlockedExchange
CreateIoCompletionPort
GetACP
GetStdHandle
GetTapeStatus
GetTimeFormatA
HeapQueryInformation
HeapCreate
GetProcessHeap
GetCurrentProcessId
GetLogicalDrives
GetCurrentThread

user32

GetFocus
SetForegroundWindow
GetCursorPos
GetWindow
ReleaseDC
GetClassNameA
FillRect
GetParent
wsprintfA
ShowWindow
GetDlgItem
DrawTextA
GetWindowTextLengthA
SetActiveWindow
BeginPaint
EndPaint
FrameRect
DragDetect
GetTitleBarInfo

advapi32

RegCreateKeyA
RegSetValueExA
RegCloseKey
RegEnumKeyA
RegFlushKey

setupapi

SetupCloseLog

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ