057bd79b35031dc88933563d2e401e71 | Triage

Sharing

General

Target

057bd79b35031dc88933563d2e401e71
Size

16KB
MD5

057bd79b35031dc88933563d2e401e71
SHA1

7df2e4751a4a330240858976e8f2e2cf1b8f9743
SHA256

c947de4e942ed956cbd74187838b59cfdbdb427e5b1c335bcc40b79e43f642da
SHA512

675bcfdf2c87ff7f87ce11fe13dea4a104362f682e569feb1a73bb3b20099222d542beeb2ac1417c09753ce2bd097ac9c7c536ba0b4b6fa67090493617b98bda
SSDEEP

384:ZQUEwQvRhVmKKG+xoM/w6YBloiAFDPUbhku7GgUZVwOkyQzdV:XwRf+hIFXoFDcFku7j0Vw9yu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
057bd79b35031dc88933563d2e401e71

Files

057bd79b35031dc88933563d2e401e71
.exe windows:4 windows x86 arch:x86

1214b9869b633f27997d2e2a02e2bc2d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_BIND
IMAGE_DLLCHARACTERISTICS_WDM_DRIVER
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteProfileSectionA
LCMapStringA
CreateHardLinkA
OutputDebugStringA
lstrcmpiA
GetConsoleAliasExesLengthA
GetComputerNameA
CompareStringA

user32

SendIMEMessageExA
SendDlgItemMessageA
CreateMDIWindowA
EnumPropsA
GrayStringA
IsCharAlphaA
EnumDisplaySettingsExW
GetMessageA
ChangeMenuW
CharLowerBuffW

gdi32

CreateEnhMetaFileW
CreateFontIndirectExA
GetTextExtentExPointA
GetCharWidthFloatA
CopyMetaFileW

Sections

.rdata
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 10KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.icode
Size: 1024B - Virtual size: 876B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.masm
Size: 1024B - Virtual size: 757B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ