5dadcea25a54d2815ea367f79a5aa616 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5dadcea25a54d2815ea367f79a5aa616
Size

197KB
MD5

5dadcea25a54d2815ea367f79a5aa616
SHA1

901613785a6093cfcac18aaca6062a46a575a16c
SHA256

eca5e744d66b8e64e43e5310ff3ef9c7cc4c8ffc8392a0e087f5f64b17f684f7
SHA512

18bbef4a33ced857addcbc550204fbbeb458d892dc84a0f8c7c7dd401f53fb2eb906e0685d07221e92b0a268c62b86d751e9566d4c99f5cc5ff635b6f2fadc1e
SSDEEP

3072:SEUY1lVzmlpS37+8ofgxuI5s8IwW/KzSB2oBm8ncivXIWUYcme7dI8nnTS:SEUYilU374EuwW/K2B2oPB1UHBd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5dadcea25a54d2815ea367f79a5aa616

Files

5dadcea25a54d2815ea367f79a5aa616
.exe windows:4 windows x86 arch:x86

10ff2d6edc5451a9a5bd87c1c2edb7f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
ExitThread
FindResourceA
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetModuleHandleA
GetProcessAffinityMask
GetProcessWorkingSetSize
GetStartupInfoA
GetSystemTimeAsFileTime
GetTickCount
LoadLibraryA
QueryPerformanceCounter
SetHandleCount
SetProcessWorkingSetSize
SetUnhandledExceptionFilter
VirtualAlloc
VirtualProtect
VirtualQueryEx

msvcrt

strcpy
strncmp
strcmp
wscanf
atoi
fseek
fopen
wcscpy

user32

OffsetRect
IntersectRect
InsertMenuA
GetPropA

comctl32

CreateStatusWindowA
InitCommonControls
CreateMappedBitmap

Sections

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ