5083adfcbbe2f0036c4f8564adcb582b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5083adfcbbe2f0036c4f8564adcb582b
Size

65KB
MD5

5083adfcbbe2f0036c4f8564adcb582b
SHA1

25fe474c0f188e0e6a3d07aa953cab893eadce9d
SHA256

c669334708185601890d1bebf1825a5749d30d2c337ab60a24037a1953b95f62
SHA512

8c6c5ae5a6cac8fe377f10a88283c4910186412393366484c323631a415f108f1dc0ba2239e4c914cffc5a439293d03edb77cf466f00ff6d6d90e9f612a39173
SSDEEP

1536:z/cy0pJbGHKa1bKdrgaSy3halEzUe0l7iZHL14x:nHN1Utd3TUsZ4x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5083adfcbbe2f0036c4f8564adcb582b

Files

5083adfcbbe2f0036c4f8564adcb582b
.exe windows:4 windows x86 arch:x86

1c09d553803b5a265ec7f8cbb6867303

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
StrCmpNIA
PathRemoveFileSpecW
SHDeleteKeyA
wnsprintfA
StrCmpNIW
StrStrW
wvnsprintfA
wvnsprintfW
PathFileExistsW

kernel32

VirtualProtect
VirtualAlloc
lstrcpynW
GetFileSize
GetUserDefaultUILanguage
Sleep
HeapAlloc
FindResourceW
GetFileAttributesA
GetModuleFileNameW
GetCommandLineA
GetModuleHandleA
GetTickCount
FindNextFileW
CloseHandle
GetLastError
FindClose
InitializeCriticalSection
SystemTimeToFileTime
lstrcmpiA
HeapReAlloc
HeapFree

user32

GetWindowThreadProcessId
GetDlgItemTextA
CloseDesktop
GetCursorPos
FindWindowExA
GetClipboardData
GetWindowTextA
GetKeyboardState
ToUnicode
GetForegroundWindow
SendMessageA
ExitWindowsEx
GetIconInfo
LoadCursorA
EndDialog
CharLowerBuffA
GetWindowLongA

advapi32

CryptCreateHash
CryptGetHashParam
RegEnumKeyExA
RegCloseKey
CryptDestroyHash
CryptHashData
DuplicateTokenEx
RegSetValueExA
RegCreateKeyExA
CryptReleaseContext
CryptAcquireContextW

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE