Static task
static1
Behavioral task
behavioral1
Sample
5206fb084a169be95cac553347c5492d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5206fb084a169be95cac553347c5492d.exe
Resource
win10v2004-20231215-en
General
Target
5206fb084a169be95cac553347c5492d
Size
34KB
MD5
5206fb084a169be95cac553347c5492d
SHA1
edfa3527c959cdb87be60657349126dca8ac9187
SHA256
4de67160e2e4bcf4d9255cd14ae5d51f720327d9b71265ce5c1b8b681b2cb887
SHA512
6c4376e395cf7ef5735ee2f088fadf574b23a8b6341490a0837c09fe90d0524d86406ff9c1dbbdf18247d3c5adadb321a1ec2718429fbd0ef4591d2abcc34b73
SSDEEP
768:c4X7brJBRLp1ubYJPr4wZ/x2ZcafO/rAt0slsW2A:lXLBju2r4uYiDE0YsT
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5206fb084a169be95cac553347c5492d
Files
5206fb084a169be95cac553347c5492d.exe windows:4 windows x86 arch:x86
c5e040e8be8ce07e548c8232cc95cee8
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateFileA
lstrlenA
lstrcpynA
WriteFile
lstrcatA
GetProcAddress
LoadLibraryA
CloseHandle
lstrcpyA
ExitProcess
lstrcmpA
GetCommandLineA
CreateProcessA
GetTempFileNameA
OpenMutexA
GetModuleFileNameA
CreateMutexA
GetTempPathA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
RtlUnwind
GetVersionExA
VirtualQuery
TerminateProcess
GetCurrentProcess
IsDebuggerPresent
user32
wsprintfA
Sections
.text Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 27KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 256B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ