5d60c13a8cdce365d3c8492f912b1f6c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d60c13a8cdce365d3c8492f912b1f6c
Size

117KB
MD5

5d60c13a8cdce365d3c8492f912b1f6c
SHA1

9054aa900e550f28c7362aa1f2f1fa8abad7ae54
SHA256

eaf23947bdca7af9146c5b83befddb5ecd7b9af5e2ec3441dd1197ade6523105
SHA512

6353d63e7f3c0df094661ed8218b7fd47c76e2e0486c84afd21475b8b33176b673e40cee21399791ea97fbbef16257599d7cbefb0442ec9797d9b02312984254
SSDEEP

1536:XcIu/9WHkduW04U+LlTNBvpBNCVHzPFvfSb0ooUAaWKhoih:XcIuXeYdpBNgP1f60Kfh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d60c13a8cdce365d3c8492f912b1f6c

Files

5d60c13a8cdce365d3c8492f912b1f6c
.exe windows:5 windows x86 arch:x86

c309c6a5d500959e885e654b165cb685

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

AppendMenuA
AlignRects
DrawTextW
GetDlgItem

advapi32

RegQueryValueW
RegCreateKeyA
RegOpenKeyExA
RegOpenKeyW

kernel32

OpenFileMappingA
CompareStringA
FormatMessageA
FlushFileBuffers
ExitThread
lstrcmpA
HeapAlloc
lstrlenA
DeleteFileW
WriteFile
GetStdHandle
GetCommandLineA
ExitProcess
GlobalFree
GetCPInfo
ReadFile
FindClose
GetLocalTime
FreeResource
GetFileTime
GetLastError
OpenFile
CreateDirectoryA

Sections

.1gf6
Size: 33KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.420a
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.373a
Size: 55KB - Virtual size: 366KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.4a31
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ae94
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ