5409c4e38678b78ec7ca6895f0bcdead | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5409c4e38678b78ec7ca6895f0bcdead
Size

17KB
MD5

5409c4e38678b78ec7ca6895f0bcdead
SHA1

3024bb9648c0ae28c764c9b4a6760c5c9795c671
SHA256

c8586f08d38f31a7c247af0efd18fbcf5685e4039809a2b91cb766064918748c
SHA512

daa4d25b4d79d59d349a9f9c8512f6b7c5dbf446a5771c239e4814abfdc26c162b7d90665cf10099d7f6c900631aadaac1fa421d69f6b71ad5abd195585786d2
SSDEEP

192:qXt9C61IgZiWa3KWZLy6vFcVRUWq7/dV9wVpNkgk+9Nx5dVbMpzM/qJJ1:qDC61ZWLdtcViWq7/d0R7x57weoJ1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5409c4e38678b78ec7ca6895f0bcdead

Files

5409c4e38678b78ec7ca6895f0bcdead
.exe windows:4 windows x86 arch:x86

43fa8e2b30ebd2a7ebd4e24734675796

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLocaleInfoA
FlushFileBuffers
GetCompressedFileSizeA
SetEvent
GetCurrentThread
GetModuleHandleA
OpenMutexA
GetStdHandle
ReadConsoleA
GetCommandLineA
InterlockedExchange
IsDebuggerPresent
GlobalFree
GetCurrentProcessId
GetACP
HeapCreate
RaiseException
GetSystemDirectoryA
GetCurrentProcess
VirtualProtect
FreeEnvironmentStringsA

user32

IsIconic
ValidateRgn
ReleaseDC
wsprintfA
SetActiveWindow
GetWindow
GetClassNameA
ShowWindow
GetDlgItem
BeginPaint
SetForegroundWindow
FrameRect
GetCursorPos
FillRect
DrawTextA
EndPaint
GetParent
GetWindowTextA
GetFocus

linkinfo

GetLinkInfoData
ResolveLinkInfoA
DestroyLinkInfo
CreateLinkInfoA
IsValidLinkInfo

rtutils

LogErrorA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ