05d5ba23f8f5b8ebb71c22ca7de1e44c | Triage

Sharing

General

Target

05d5ba23f8f5b8ebb71c22ca7de1e44c
Size

5KB
MD5

05d5ba23f8f5b8ebb71c22ca7de1e44c
SHA1

b92c6d68586e542df676e4e9075d8c370720c4ab
SHA256

2461b6423208a4c5da2d515be9cbee437dbb5c673b66c4d49f9f3d254e1873f3
SHA512

8b5cf6115681d0bac92b66c48f35a275e36d503b589938228d49df92436010e2610eb3523413f5a33f109281c09bc7271bf60d6c14fd75dc03213acc330fcc08
SSDEEP

96:XW3NJg+TiUk8AV7BSxARn05n471Y7WHsARz:azdk8A/S271YgNp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d5ba23f8f5b8ebb71c22ca7de1e44c

Files

05d5ba23f8f5b8ebb71c22ca7de1e44c
.dll windows:4 windows x86 arch:x86

72789eacd44cca961ab67a06eec3cb2c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetSystemDirectoryA
GetModuleFileNameA
Sleep
WinExec
GetSystemTime

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

mfc42

ord6010
ord354
ord5186
ord6385
ord665
ord1979
ord5442

msvcrt

strcpy
strcat
strlen
__CxxFrameHandler
rand
srand
memset

Exports

Exports

Start

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 172B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ