5cbb46787c651ede000c96512ff6a3ac[.]exe | Triage

Sharing

General

Target

5cbb46787c651ede000c96512ff6a3ac.exe
Size

172KB
MD5

5cbb46787c651ede000c96512ff6a3ac
SHA1

bb15bdc20acec9215240f12670233ba0fde1d246
SHA256

e0970ad92fdbe832b2def49ac187391ea9b94f669bb38dc96d7674f31061c891
SHA512

4cb400c4459671000a8c2804b24dd10879990a652f3d278ccf1a9bef51bfd386f49c6764271cde08a9ce6b4420860e030a8a824f510274f913e8ca8edf8ef7be
SSDEEP

3072:KUpuCVpUHDNorknaG9nniIK24F8+Iq9ZaR/Dxa6ZZpzGF97Nw:aCVweWagiyD+Iq9sda0ZpY9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5cbb46787c651ede000c96512ff6a3ac.exe

Files

5cbb46787c651ede000c96512ff6a3ac.exe
.exe windows:4 windows x86 arch:x86

f071f9895e271a818972594f114f2fd7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

setupapi

CM_Get_Depth_Ex
SetupDiGetDeviceRegistryPropertyA
CMP_WaitNoPendingInstallEvents
CM_Get_DevNode_Status

kernel32

AddAtomW
GetEnvironmentVariableW
InterlockedDecrement
GetModuleHandleA
TlsSetValue
TlsAlloc
GetConsoleCP
HeapAlloc
ExitProcess
TlsFree
GetProcessHeap
GetConsoleMode
WriteConsoleW
CreateFileA
LoadLibraryExW
FlushFileBuffers
InterlockedIncrement
MapViewOfFile
GetLastError
EnumResourceNamesA
TlsGetValue
VerLanguageNameA
GetVersionExW
GetTempPathW
GetModuleHandleW
SetLastError
UnmapViewOfFile
CreateFileW
GetProcAddress
GetVersionExA
HeapFree
CreateFileMappingA
Sleep

msimg32

AlphaBlend
TransparentBlt

shlwapi

PathAddBackslashW

winmm

mciSendCommandW
sndPlaySoundW

Sections

.text
Size: 91KB - Virtual size: 91KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 77KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ