53a578f183c32b9f9feebf6d6ca86387 | Triage

Sharing

General

Target

53a578f183c32b9f9feebf6d6ca86387
Size

225KB
MD5

53a578f183c32b9f9feebf6d6ca86387
SHA1

fd155531976504e8e0ea2a76c664db39ef963c5d
SHA256

4da5c41f116e80933446d401dfe99afd91f242c8b35b0ebd43fec1d2c49b219b
SHA512

7ae94978a9274f5c58a801d601f8ff23b7e3ed29d389ca3a1f589eb57e6e262b0ee36292146a4f1c29c77e193c3899894ed46549df59db9dd191e0f9bfc37076
SSDEEP

3072:XzfkVc2upr260NMt0y/gb14P/IKNuhXdzTgDhV0SjNfJ9irxEg27UtfyWdkbq:Xz8Vc20gjy9/GFgDudQ7UtEb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53a578f183c32b9f9feebf6d6ca86387

Files

53a578f183c32b9f9feebf6d6ca86387
.exe windows:4 windows x86 arch:x86

60ede0292a4e61de6f8cdf6a8476738d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

Beep
EnumSystemLocalesA
ExitProcess
GlobalFix
LoadResource
ScrollConsoleScreenBufferW
SuspendThread
TlsSetValue

advapi32

BuildImpersonateTrusteeA
BuildTrusteeWithNameW
ConvertSecurityDescriptorToAccessNamedW
CryptAcquireContextA
CryptEnumProvidersW
GetServiceDisplayNameW
GetSidIdentifierAuthority
GetSidSubAuthorityCount
OpenServiceA
RegEnumKeyExA

shell32

CommandLineToArgvW
Control_RunDLL
Control_RunDLLW
DllInstall
DragQueryFileA
FreeIconList
SHGetFileInfoA
SHGetPathFromIDListA
SHHelpShortcuts_RunDLLW
SHInvokePrinterCommandW
SheGetCurDrive

gdi32

CheckColorsInGamut
ExtTextOutA
GetColorAdjustment
GetMetaRgn
GetSystemPaletteEntries
PolyBezierTo
SelectClipRgn
SetColorSpace
UpdateColors

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 232KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ