054cf991f2ef88d4103d7e2e450f89bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

054cf991f2ef88d4103d7e2e450f89bd
Size

65KB
MD5

054cf991f2ef88d4103d7e2e450f89bd
SHA1

826bc98b34cf87cdd1f35fb74f0c1cf218648d44
SHA256

9bc8cb45a0198ec216518f574b4b8c549ab71d55dd9f587e58f86232faac7c40
SHA512

6cbb409e18a4a554092675f9b0a30bb853f6666c869029a873d05feaf0d55157875e4c4d7fed8f3217f2b56b55c4577fe516d1e56e4db8a6a9e0a1d816b3b387
SSDEEP

1536:wKs6SQ2TJM2zXvHyTGgxmY0olLHK9poINvtJ0aU5BU:wKsw2T6mXfV1YtH2RNL8y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
054cf991f2ef88d4103d7e2e450f89bd

Files

054cf991f2ef88d4103d7e2e450f89bd
.exe windows:4 windows x86 arch:x86

bd227ba966c127e93fe82f25f211eaca

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualFree
VirtualAlloc
GetProcAddress
ExitProcess
LoadLibraryExA
GetModuleHandleA
VirtualProtect
GetModuleFileNameA
HeapAlloc
GetProcessHeap
HeapFree

user32

wsprintfA
MessageBoxA

Sections

.data
Size: 11KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ex_cod
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE