5229d65a1d89339a3c607b067b836a65 | Triage

Sharing

General

Target

5229d65a1d89339a3c607b067b836a65
Size

126KB
MD5

5229d65a1d89339a3c607b067b836a65
SHA1

c972e5db44de19b275f4abfd2db8eaf5aa15ff6e
SHA256

e009b3e725db703ac2dcee42423060124e9c5dded80a126df56f1af311762a5d
SHA512

0e3dfe58a47a5188131b6b50724230d62b6c6b039fd3c07f9cd3f2a0b9cd22e240e3d2c27e78c3b76bdd25bcc761ed122df5ddd8c304e55d7d1e94cf937972ce
SSDEEP

3072:sLIehiOyuwaJnZ+3fmpWCw/pzCEEukzV/itF3AFS:MIQqoZ/ehxUzV/itG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5229d65a1d89339a3c607b067b836a65

Files

5229d65a1d89339a3c607b067b836a65
.exe windows:5 windows x86 arch:x86

f93e596801ad38c62f9477abc32faac1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
EnumSystemLocalesA
GetStartupInfoA
InitializeCriticalSection
WaitForSingleObjectEx
LoadLibraryA
GlobalSize
GetCurrentDirectoryW
lstrcmpiA
GetTickCount
ResetEvent
GetProcAddress
TryEnterCriticalSection
LocalAlloc

user32

GetSystemMetrics
SetWindowTextA
ScreenToClient
DrawStateW
SetWindowTextW
FindWindowExA
LoadStringW
ReplyMessage
wsprintfW
CreateDialogParamW
CharLowerW
MonitorFromPoint

gdi32

CreateFontIndirectA
SetWindowOrgEx
DeleteObject
BeginPath
SetBitmapDimensionEx
CombineRgn
SetBitmapBits
SetDIBits

Exports

Exports

?VillecrmbVd@@YGPAIPAGD@Z
?yjdwrsvf@@YGFI@Z

Sections

.text
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ