5065339f98eed7424854a995df79c39a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5065339f98eed7424854a995df79c39a
Size

448KB
MD5

5065339f98eed7424854a995df79c39a
SHA1

69062acd00d2c74e97acff63c40b6a4f64899bea
SHA256

e4bd7da4adafa24e93a6d874ff6af6b0c5ab49b0e4581adfd99dd2a62547d47f
SHA512

b9bd2bfd520e215b6d87f595204da3543b02b27a5b195a083ea63eebdd94032e1fd712ff570f63ac8d0524b17466c0942747402b5a72f443fbfd1bf483ba85ff
SSDEEP

6144:8O0VwBRjG6bAG7o5jo0FKoVDmWVTSumSOeOI1+BiA4w4JsaYEasGHytD46vb:8Ouekq03EaTJOeOI4iAP4JsaCnylvb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5065339f98eed7424854a995df79c39a

Files

5065339f98eed7424854a995df79c39a
.exe windows:4 windows x86 arch:x86

f669b626602c5a17e9bf6dc3779fc4a9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalUnlock
HeapCreate
GlobalAddAtomA
LockResource
LoadLibraryExA
RaiseException
SetErrorMode
InterlockedExchange
GetLocaleInfoA
EnterCriticalSection
GetLastError
GetACP
Sleep
CloseHandle
GlobalFree
FoldStringA
VirtualProtect
GetDriveTypeA
SetConsoleCP
GetStdHandle
GlobalDeleteAtom

user32

GetMenuItemInfoA
GetWindowTextA
ClipCursor
GetParent
ReleaseDC
BeginPaint
GetWindow
IsIconic
CharToOemBuffA
SetForegroundWindow
EndPaint
GetActiveWindow
ShowWindow
GetCursorPos
ValidateRect
DrawTextA
GetClassNameA
GetFocus
DrawEdge

version

GetFileVersionInfoSizeA
VerInstallFileA
VerFindFileA
VerQueryValueA
GetFileVersionInfoA

rasadhlp

WSAttemptAutodialName

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ