5ca183208035a257ce94f0c09caff50d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ca183208035a257ce94f0c09caff50d
Size

194KB
MD5

5ca183208035a257ce94f0c09caff50d
SHA1

2a2ef005bafbe8573bf4030b8a83914289f33e44
SHA256

e4f508b6559c92d3d29cb2490230a9772c49bc88d76e3b147d765bd0b7f3a641
SHA512

35d62f76cb1b76885fb8e27169c5a438b31b88442fd84f1411ed71492248c3e4a4e9ccab254a2616ab56e18a4ad541d014661405cceac8ae555e080af5ab0caf
SSDEEP

3072:u1ZFXV09tZ55j+ywDlLPAo5NGkS4wVrhNVxIYm5v842gTNzC1tZw0wv9cS2tGgmu:u1YfBs4o5EoIDyD04pTMDZGveSuqkJy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ca183208035a257ce94f0c09caff50d

Files

5ca183208035a257ce94f0c09caff50d
.exe windows:4 windows x86 arch:x86

18def688acf945e5fa2ce30523430e06

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

OleTranslateAccelerator
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc

winmm

timeGetTime
timeSetEvent

kernel32

GetLocaleInfoA
GetStringTypeA
BeginUpdateResourceW
ExitThread
GetVersionExA
GetFileType
QueryPerformanceCounter
GetCommandLineA
EnumResourceTypesW
GetFullPathNameW
GetStartupInfoA
GetModuleFileNameW
GetProcessHeap
InterlockedIncrement
HeapFree
HeapAlloc
UnhandledExceptionFilter
WriteConsoleW
GetStringTypeW
GetStdHandle

gdiplus

GdipCloneImage

Sections

.text
Size: 121KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 1024B - Virtual size: 924B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 248KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ