5235e4e90760759db966bd0d57883750 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5235e4e90760759db966bd0d57883750
Size

56KB
MD5

5235e4e90760759db966bd0d57883750
SHA1

851af3a31db40aba0f38148a922b92964a55fa1c
SHA256

c272ce2a279a5e0b6405e730274e946233a05211194f8a0897bc7e737f288ecd
SHA512

2739c25a04efb1f6f4e507d4b07b374dbc17de1fe7547046c8d6f6d2dcb1b802ceb0f3bab3cb0b008be71a1f8d3cd163a80842caefd74fe7610f769a6cbd583f
SSDEEP

1536:NxjlbXmnQUI9O8nxo0dLlqognXtru65kVtDFwQ/xttI:NxlXE/AHnoogXt55kVbh/LS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5235e4e90760759db966bd0d57883750

Files

5235e4e90760759db966bd0d57883750
.exe windows:4 windows x86 arch:x86

ec5251b8eafb638b7315f6c45709bb15

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CancelWaitableTimer
ExitProcess
GlobalMemoryStatus
LoadLibraryExA
LockResource
TlsAlloc
WaitForSingleObject
WriteProfileSectionW

user32

CheckMenuItem
CheckMenuRadioItem
DdeGetLastError
DefWindowProcW
EndMenu
EnumWindowStationsW
GetClassNameW
GetCursor
GetDlgItemInt
GetMessagePos
IsCharAlphaNumericA
SetWindowRgn

shell32

DllGetClassObject
ExtractIconResInfoW
PrintersGetCommand_RunDLLW
RealShellExecuteW
RegenerateUserEnvironment
SHBrowseForFolderW
SHChangeNotify
SHGetDataFromIDListA
SHGetDesktopFolder
SHGetInstanceExplorer
SheGetCurDrive
SheGetDirExW
ShellExecuteExA
ShellExecuteW

gdi32

CopyEnhMetaFileA
CreatePolygonRgn
ExtSelectClipRgn
ExtTextOutW
GdiPlayDCScript
GetLogColorSpaceA
PolyTextOutW
SetSystemPaletteUse
SetViewportExtEx
SetWindowExtEx
StretchBlt

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE