5279d7dfb30f8237b921b26006f1e49f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5279d7dfb30f8237b921b26006f1e49f
Size

131KB
MD5

5279d7dfb30f8237b921b26006f1e49f
SHA1

fdae07620f071d88b0be5f8b6e3061eb4887cce7
SHA256

d2f79c3392f9f06b32aae8a4fe4a47c35a945de2543704d9beeaff3cb2d9fd8f
SHA512

6d6a6aeaf7d1d30b10f2e7f33e7a5e4864434400de8c28c38fdb98a748c49c073587f7eb334d9f7bb4cc22a9650c1f374cef3f4a6a780dccacdceb07839d2aa2
SSDEEP

3072:ITw5TCKra+F65sfngiz8Yvn+fhQA1G4Z428yS69Zi0UseSiaq:ITw5TCKra+F6m/0Yvn41Gn2DSEa9SiR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5279d7dfb30f8237b921b26006f1e49f

Files

5279d7dfb30f8237b921b26006f1e49f
.exe windows:4 windows x86 arch:x86

c3a0961f2561b44362bdcfb773ee9a99

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA
GlobalAlloc
CloseHandle
ExitProcess
GetModuleFileNameA
GetCommandLineA
HeapAlloc
GetProcessHeap
HeapFree
GetStartupInfoA

user32

wsprintfA

Sections

.text
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 123KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE