5340a1d59b859612d637d07dbb8ea28e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5340a1d59b859612d637d07dbb8ea28e
Size

295KB
MD5

5340a1d59b859612d637d07dbb8ea28e
SHA1

c26a8c51d37461cd4b357fd8acaa9ceb3e210b9f
SHA256

1bc48f9fd095ed61b3c70cc6c0e61c3326387e2d635cb7c83ae1531d7f34d86f
SHA512

4ffe2a8c205ef91270c7958631e594cd3f1ac531a17d98138058de9e0f2845d934a0d5b8ab47313ce1e1d208fac3783c6ab1e20e7bcf43c71aabbedfdb45499e
SSDEEP

6144:mikrzme099/iq7A3pYPeJJ7epBncsSXyDIPCYIdpCxs3Em0n0rfAi:mBrCeI9/i3pYPWRepBnYXQIPCvbj3F0E

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5340a1d59b859612d637d07dbb8ea28e

Files

5340a1d59b859612d637d07dbb8ea28e
.exe windows:4 windows x86 arch:x86

b212f3224bb90c3752b4df930f77fad0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
LocalAlloc
GetModuleFileNameA
GetModuleHandleA
ContinueDebugEvent
IsDebuggerPresent
WaitForDebugEvent
lstrcmpA
lstrlenA
CheckRemoteDebuggerPresent
LocalFree
GetCurrentProcess
lstrcpyA
CreateProcessA
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
RtlUnwind

Sections

.f0Gx
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 286KB - Virtual size: 285KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ