5075986de65b70f05c7c4253f4cbd15b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5075986de65b70f05c7c4253f4cbd15b
Size

28KB
MD5

5075986de65b70f05c7c4253f4cbd15b
SHA1

fa13f4efa1b082679d775b73d075563746eb81e9
SHA256

77f1b0812bc8e363760b8df32ee96879babce8f464856e9a69dd67e110c0580e
SHA512

a5abc6738242b4f2869cbe4eba20bd21ab573b8f639d2aad538d1ef48e0d0345e7cd4df1b7938ac17d96e172546fdeadf66ea865bf03d7b8c5ad58e13c1bc983
SSDEEP

384:TYDfxRlKInWCqax3cbXpmgQVFrcVQ3LOyCFQzAp/8avL1EO7mGVL1e:S4IWTGcbZm74VQOCAuiL1Zu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5075986de65b70f05c7c4253f4cbd15b

Files

5075986de65b70f05c7c4253f4cbd15b
.exe windows:4 windows x86 arch:x86

b44d8e69f75d468b64977c8eff600314

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetCurrentProcess
SetEvent
VirtualProtectEx
ExitProcess

user32

DestroyCaret
GetActiveWindow
GetWindowLongW

ntdll

NtReadFile

Exports

Exports

Iojivtqya
Fpxjtbfmw
Karoavbu
CloseEgldxnbweo

Sections

.ztext
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.kwgyhq
Size: - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.becthq
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ