53114c6cddc5fa08cb1395872e4315a7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53114c6cddc5fa08cb1395872e4315a7
Size

39KB
MD5

53114c6cddc5fa08cb1395872e4315a7
SHA1

fd6e24286579e52c9454f0f03d66c02bf9045376
SHA256

1aadcb127d4bac52fb46cd7741efa06bbd88443fce875d5601985b77100f29da
SHA512

1fbb62788d8b36ef1e36b7cd434cf48bbb21496e45e8ff07e30ed7237ffa42266666a7444d68ef5b6a978cff653bcd4eff0347bc13f7cffde7fa06a3ce9a6995
SSDEEP

768:/2ftY2j1zRSkSCuZxMy/JS6iccG6MoJv:MYwMZCUCy/JRiBMo1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53114c6cddc5fa08cb1395872e4315a7

Files

53114c6cddc5fa08cb1395872e4315a7
.exe windows:4 windows x86 arch:x86

db5c5f289f387166224dc6e2155b4639

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

ToAscii
SetWindowsHookExA
SendMessageA
RegisterHotKey
MessageBoxA
GetWindowTextA
UnhookWindowsHookEx
GetKeyboardState
GetKeyState
GetKeyNameTextA
EnumChildWindows
CallNextHookEx
GetClassNameA
GetForegroundWindow
GetMessageA

kernel32

CreateFileA
GetFileSize
GlobalAlloc
GlobalFree
lstrlenA
lstrcatA
Sleep
RtlZeroMemory
RtlMoveMemory
ReleaseMutex
OpenMutexA
ReadFile
GetTickCount
CloseHandle
CreateMutexA
CreateThread
ExitProcess
ExpandEnvironmentStringsA
FindFirstFileA
GetLastError
GetModuleHandleA

advapi32

GetUserNameA

wininet

InternetOpenA
InternetConnectA
InternetCloseHandle
HttpSendRequestA
HttpOpenRequestA
HttpQueryInfoA
InternetOpenUrlA

shell32

ShellExecuteA

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE