5fff817649b78b8bb280c163f29ca657 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fff817649b78b8bb280c163f29ca657
Size

751KB
MD5

5fff817649b78b8bb280c163f29ca657
SHA1

60595bbfc7fa205b1fa97f0826b37072d175aadf
SHA256

56a0324944c6d7c169ffc1feb36b7d15b0eb4b0c7f0ea642e01c87611e5407a1
SHA512

2d40597b1d7b583bd4f89aeb16e9b90267dc328085891cf13990093a23d8ba2d44da162b96cdfe6f77ea31c5a4f5a44cd42218a6efc2961ea14ad33442ee08b5
SSDEEP

12288:z9Z6Zn7cBLeWNR7DiQm5BNCSIwsfmgDgeo++k7BOqnt8lYN68w2tKmkTMfA:pZ6SoWr7eQoBtsaeo2dtf02hkA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fff817649b78b8bb280c163f29ca657

Files

5fff817649b78b8bb280c163f29ca657
.exe windows:4 windows x86 arch:x86

05c5a45a9d763f0b1483b0dbdbf643dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
CreateFileA
ResetEvent
WaitForMultipleObjects
VirtualAlloc
GetTickCount
OpenProcess
GetModuleHandleA
GetConsoleTitleA
GetCommandLineW
HeapSize
Sleep
GetFileAttributesA
GetCurrentDirectoryA
GetStdHandle
GetEnvironmentVariableW
DeleteFileA
FindClose
ExitProcess
WaitForSingleObject
CloseHandle
CreatePipe
SetLastError
GetStartupInfoW
CreateMutexA

user32

GetDC
CallWindowProcW
DispatchMessageW
GetDC
FillRect
GetClassInfoA
MessageBoxA
GetWindowLongA
GetDC
GetSysColor
FindWindowW
PeekMessageA
DispatchMessageW

ureg

??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ
??1REGISTRY@@UAE@XZ

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 745KB - Virtual size: 745KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ