538c0567ba9f5eaafe52663e4c91d44b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

538c0567ba9f5eaafe52663e4c91d44b
Size

174KB
MD5

538c0567ba9f5eaafe52663e4c91d44b
SHA1

2a33c23d33ec0465ec965377a9bcf342b5fc3328
SHA256

1507d6cf1c1d3e631fad7ce23b553edc2eef6d828b956428f5b1e643da206942
SHA512

ba71c0d7754520559b950b97f4949d57bd00a9913da3a1e4742e69a0f41c6a0fc31519bf4e02716e1c1a123d080e76dab385eba0a37d78b518a9e0816c49027e
SSDEEP

3072:2YLI180d6Vj6VITrIrvvPKaEQKWBE3cMfjPQ8yraJou3K:2Y0656yT0zvlKWBOcMfgraJLK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
538c0567ba9f5eaafe52663e4c91d44b

Files

538c0567ba9f5eaafe52663e4c91d44b
.exe windows:4 windows x86 arch:x86

e7522a2b3e3b1304474bdaa0e81d57fb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

lstrcmpA
lstrlenA
lstrcmpiA
VirtualAlloc
GetLastError
lstrcatA

version

VerFindFileA
VerQueryValueA
GetFileVersionInfoA

comdlg32

GetFileTitleA

shell32

SHGetFileInfoA
SHGetDesktopFolder
SHGetSpecialFolderLocation

gdi32

GetDIBits
SelectPalette

advapi32

RegEnumValueA

user32

CreateMenu
CharNextA
SystemParametersInfoA
TranslateMDISysAccel
TrackPopupMenu
ShowWindow
wsprintfA

Exports

Exports

_Gm

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 135KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 918B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ