5321f799f60396bb372d44210d5398db | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5321f799f60396bb372d44210d5398db
Size

358KB
MD5

5321f799f60396bb372d44210d5398db
SHA1

a5c761bdb9d53c09d086b2efc994375d4eaad117
SHA256

2328a9f2dc959cd2c6eca765dbaf1c63c5e0901153865c28dd8262631763b035
SHA512

238f43dc1009feadb57eb00e11ccb2faa2782fe98d255c290d18d7fdea691ccd5dfdf70cb99ea9c6903f117836ffd6a6a0ad6ec5f387dd6a637386dae94b3864
SSDEEP

6144:9apb2UFYTdgv91rT/FFw85YMlOG/XPpcQcyDbujpfYzsK1M/mcV35uElo2ER86Oc:Uh+pgvHH/GenZcQ1QYz3g5H5EaU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5321f799f60396bb372d44210d5398db

Files

5321f799f60396bb372d44210d5398db
.exe windows:4 windows x86 arch:x86

e31da9913b579477f2a01abc7b830faf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDebuggerPresent
FreeLibrary
GetProcAddress
EnumCalendarInfoA
LoadLibraryW
WideCharToMultiByte
DeleteFileW
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
GlobalLock
GlobalUnlock
GlobalAlloc
GlobalFree

oleaut32

SafeArrayDestroyDescriptor
GetErrorInfo
VarFormatNumber
SetErrorInfo
GetActiveObject
VariantInit
SysFreeString

msimg32

TransparentBlt

Sections

.text
Size: 248KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 816B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE