5e2fadbc8afa33ae617c718370dd14e0 | Triage

Sharing

General

Target

5e2fadbc8afa33ae617c718370dd14e0
Size

329KB
MD5

5e2fadbc8afa33ae617c718370dd14e0
SHA1

1a90afb827507a35a3d3a3e908c358ba62d2c0e2
SHA256

e4661ce5f2d053c719a1422068f336976bdd20aa2892d6ac8ad519003c133228
SHA512

6fe232833585d3fa58084df9c5d8c183a343f7346ad46ae725f1226245cdf9d0602a39902e8ee20cad71c5195bd4431c572a9a5e0e6bad1393d6e2ead11709cb
SSDEEP

6144:s7KQF8Wvz3CVfbQEpFz8+KEGv79T6fGXVv42Jmwsh+sz42ydKfi83J21Avv:s7KQFXb3CV8EpFz8C6Jnlv4Snu+sz0d4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2fadbc8afa33ae617c718370dd14e0

Files

5e2fadbc8afa33ae617c718370dd14e0
.exe windows:4 windows x86 arch:x86

1ddc10b5351d591f50d73af23597c720

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
CloseHandle
PulseEvent
GetTickCount
ResumeThread
GetModuleHandleA
GetLastError
TlsGetValue
DeleteCriticalSection
GetComputerNameA
VirtualProtect
GetStartupInfoA
SearchPathA
ReleaseMutex
AddAtomA
ExitProcess
SetEvent
HeapDestroy
GetDiskFreeSpaceA
lstrcmpiA

user32

EnableWindow
GetKeyState
CreateMenu
CopyImage
DragDetect
CloseWindow
IsIconic
GetScrollBarInfo
CopyIcon
DispatchMessageA
CreateWindowExA
GetMessageA
EndDialog
DialogBoxParamA

cfgmgr32

CM_Add_Range
CM_First_Range
CM_Get_Child
CM_Delete_Range
CM_Add_IDA

shell32

DragQueryFileA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ