5027656fbc8c70433bc83bd8c8e769ac | Triage

Sharing

General

Target

5027656fbc8c70433bc83bd8c8e769ac
Size

13KB
MD5

5027656fbc8c70433bc83bd8c8e769ac
SHA1

7eb8ccb22864dca06a5d290d52685820ebb20868
SHA256

524bdf7fc18b6381842986225732016da4c4705c03be03c0bc075f82fc0a7e45
SHA512

1906f475648fad3d86f6aac40c5cfd7fac67a51b34e0b0193f899b7967af6e807295746a4df2c8ac3fd307efde43922a922e93f33663cb26b77143b764e23a48
SSDEEP

192:vA4YnLCc9G1rVGxIsBxZ8lLAxiVNADDw+/2oGfFKdKjPUvj0a5CXq/:YpCj/GxIsBxZ8SsFK10acXi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5027656fbc8c70433bc83bd8c8e769ac

Files

5027656fbc8c70433bc83bd8c8e769ac
.exe windows:4 windows x86 arch:x86

ae5536db839ab0581f0762195211d62a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ReleaseSemaphore
GetProcAddress
DeleteTimerQueue
GetModuleHandleA
ReleaseMutex
lstrcatA
GetCurrentProcessId
ResumeThread
lstrcpyA
WideCharToMultiByte
CompareStringA
GetCommandLineA
CloseHandle
VirtualQueryEx
ExitProcess
CreateEventA
Process32First
LoadLibraryA
CreateToolhelp32Snapshot
RtlUnwind

user32

GetGuiResources

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 364B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE