510ab5d2249e6f075a8f587fa4212537 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

510ab5d2249e6f075a8f587fa4212537
Size

345KB
MD5

510ab5d2249e6f075a8f587fa4212537
SHA1

dd8f397ab0d5b948beea0074c44037a39421e9a5
SHA256

e736f5a4e2b505d177066319d2b6b3e1e3793847882943c90513ea66d2ce1554
SHA512

0a10d9a808775e63b79391f3a1dc5b529d8d2fdc01828e93b5c7fb6a7e12cee06b77729e0a90474ce4980b459d36900b808352aff3a2b3b92289f04bb1f78ea5
SSDEEP

6144:lwzeVSR5J6Q5efPgF7iSvoh8f2aGihR7rqQaupi58cTJ8nZNgUrX8yMScVk:lQeVSRqzg5oa+ehRSQM5bJGNgUrTMScu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
510ab5d2249e6f075a8f587fa4212537

Files

510ab5d2249e6f075a8f587fa4212537
.exe windows:4 windows x86 arch:x86

b6d25f191925e7d74e71467cc29866f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryA
HeapCreate
TlsFree
GetSystemDefaultLangID
GetStdHandle
CompareFileTime
lstrlenA
VirtualProtect
WaitForMultipleObjects
HeapReAlloc
InterlockedExchange
GetProfileIntA
WaitForSingleObject
GetModuleHandleA
AddAtomA
GetConsoleCP
TlsGetValue
CloseHandle
GetVersion
GlobalUnlock

user32

TranslateMessage
CreateCursor
GetMenuStringA
GetKeyboardLayout
InsertMenuA
SubtractRect
GetWindowTextA
UpdateWindow
EqualRect
ShowWindow
DialogBoxParamA
MessageBoxA
DispatchMessageA
SetWindowPos
GetKeyState
PaintDesktop
DestroyMenu
PostMessageA
FindWindowA
CreateCaret
ModifyMenuA
EnableScrollBar
CopyRect
SetPropA
GetDlgItem

msi

MsiGetMode
MsiDoActionA
MsiEnumProductsA
MsiEnumClientsA
MsiCloseHandle

ws2_32

WSAAccept

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 172KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 94KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ