5393f1946310f598b766f515c2a9d367 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5393f1946310f598b766f515c2a9d367
Size

27KB
MD5

5393f1946310f598b766f515c2a9d367
SHA1

95f3b0661b24fcfdc5d0f820e09f1c2b8702665d
SHA256

d1d07ea146bf05643aece8790aec6a11c69afc77419fc3aba29627dd6b7153d0
SHA512

8a48dcd5b75619fc566aa8bf9757fecca096e30bf652bad493cc6b649151c754aa82bf41767587226c63da960f94cadc7bad86798c9cc693a1fde05ebb4c9db1
SSDEEP

384:4LHccccccccccccccccccccccccccccccccccccccccccccccccccccccccccccg:4L4RRQNI7UTyiWy43ztjN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5393f1946310f598b766f515c2a9d367

Files

5393f1946310f598b766f515c2a9d367
.exe windows:4 windows x86 arch:x86

a48eebb9dfcb29f4482b038b17ec8d04

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA
CloseHandle
GetModuleHandleA
Sleep
GetVersionExA
GetStdHandle
GetStartupInfoA
CreateEventA
lstrlenA
LocalAlloc
GetTickCount
GlobalFree
GetLastError
lstrcatA
GlobalAlloc
lstrcpyA
GetFileSize

gdi32

GetPixel
DeleteObject
CreateCompatibleDC
BitBlt
LineTo
PatBlt
GetStockObject
ExtTextOutA
GetDeviceCaps
GetTextColor
SetPixel
SetROP2
GetBkColor
GetTextMetricsA

user32

MessageBoxA
SetFocus
GetSysColor
CreateWindowExA
LoadIconA
ShowWindow
DestroyWindow
EndDialog
PostQuitMessage
GetMessageA
BeginPaint
DispatchMessageA
EndPaint
GetClientRect
GetFocus
DefWindowProcA
SetWindowTextA
ScreenToClient

msvcrt

__setusermatherr
__set_app_type
_c_exit
__CxxFrameHandler
_adjust_fdiv
wcslen
_exit
memmove
__getmainargs
toupper
__p__fmode
exit
wcstoul

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ