505bb0af63b9f86b2a44dc22a93627a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

505bb0af63b9f86b2a44dc22a93627a1
Size

108KB
MD5

505bb0af63b9f86b2a44dc22a93627a1
SHA1

193c6f1f08841a65492f2ecc0dec3fc079e1754c
SHA256

d26cb5ca1f81acd9b96297a6ca3618ad11fb0f6fdf251b6d243a38c9f8af1dd8
SHA512

10401cc209329e0a2265a37cd8bde080abfe7f845041a6aa0cfbc2247ed91a59e9fc8b5c9abece180d08b02f857a120a127b135ae47e561cddd5fb22aa16cb6d
SSDEEP

3072:1FX0tTnYXSwFld3Mp/AUBH2r3OM+r2p52:zEtTKSwfd88L

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
505bb0af63b9f86b2a44dc22a93627a1

Files

505bb0af63b9f86b2a44dc22a93627a1
.exe windows:4 windows x86 arch:x86

d5444b32f4b8492425b8f50c9182933e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GdiPlayScript
GetBkMode
GetClipBox
GetFontData
GetMetaRgn
GetPath

user32

CallMsgFilterA
CopyRect
AdjustWindowRect
CreateIcon

kernel32

GetConsoleMode
LocalFree
MulDiv
SetupComm
IsBadWritePtr
HeapSummary

Sections

.text
Size: 62KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE