534689ecba068710939d3e5def9b110a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

534689ecba068710939d3e5def9b110a
Size

384KB
MD5

534689ecba068710939d3e5def9b110a
SHA1

269496c29db1e677b441edf83801e16a31b6c198
SHA256

48b14bbccdc8e6cd84b71f9b7d9376e45f97ec837c1790d1d3abe0e069fdd179
SHA512

323c4cb3b0f4c1761b1603bef9edc7a53be29eae83082ca3db321194044ffe46eadbeb16d342114b1631c431315d87f0bedc69e84f77e924c7ea54173b93ff2b
SSDEEP

12288:jR5GdCs0O1BkBqwtjFc0fTjZOT59ozIwxuq4wD8T:Kdl31+qAjFVxIozvxuqc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
534689ecba068710939d3e5def9b110a

Files

534689ecba068710939d3e5def9b110a
.exe windows:4 windows x86 arch:x86

7f9241070444132a67c194bf0f2f6586

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateFileMappingA
GetConsoleCP
GetLastError
GetStdHandle
LoadLibraryExA
CreateEventA
FindClose
IsDebuggerPresent
CloseHandle
LocalFree
IsBadReadPtr
LocalUnlock
GetFullPathNameA
CreateFileA
GlobalLock
lstrlenW
FreeEnvironmentStringsA
HeapCreate
GetACP
GetModuleHandleA

user32

IsWindow
GetMessageA
DefWindowProcA
PostMessageA
DispatchMessageA
GetIconInfo
EndDialog
GetDC
EmptyClipboard
SetFocus
GetDlgItem
ScrollWindow
CreateDialogParamA
DrawIconEx

uxtheme

GetThemeColor
EnableTheming
GetThemeMetric
DrawThemeIcon
CloseThemeData

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ