53fdb610eb4a1d7d6d5b52551e5bf5d0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

53fdb610eb4a1d7d6d5b52551e5bf5d0
Size

64KB
MD5

53fdb610eb4a1d7d6d5b52551e5bf5d0
SHA1

16b777e1d2b2235efc657fc8c8238b8961978d24
SHA256

15e0d7a4a6d81548b81072aa17bc99e5723f561831ec828a9397171fd684e0c2
SHA512

4f93a7592eb228c44ffb4036c368f97788b626b4799f43f787083efb4608b672ed3efc345863010800a71c6fb078f1497f6d50abacff939e38c32086cf53aa2a
SSDEEP

1536:j3rfNzb3GvBzkNZKAe3n0NOcb0ThP0Lh+:/NevBzqKAe3MbQ5SE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
53fdb610eb4a1d7d6d5b52551e5bf5d0

Files

53fdb610eb4a1d7d6d5b52551e5bf5d0
.exe windows:4 windows x86 arch:x86

61d897c1b75a76463cc4d2871f8a3c44

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenW
GetDriveTypeW
GetCurrentThreadId
LoadLibraryA
MultiByteToWideChar
SizeofResource
GetModuleFileNameW
SetLastError
FindFirstChangeNotificationW
GlobalFree
VirtualAlloc
GetLogicalDrives
TerminateThread
DuplicateHandle
ReadFile
GetTickCount
GlobalUnlock
Sleep
FindResourceW
GetPrivateProfileStringW
lstrcpyW
WaitForMultipleObjects
MulDiv
SetEndOfFile
GlobalDeleteAtom
GlobalAlloc
LoadLibraryW
GetProcAddress
WriteFile
ResumeThread

user32

SetWindowTextW
DefWindowProcW
MessageBoxW
LoadStringW
DestroyMenu
GetMessageW
wsprintfW
FillRect
DestroyIcon
EndDialog
GetWindowTextW
SystemParametersInfoW
GetWindowThreadProcessId
WindowFromPoint
EnableWindow
GetParent

gdi32

MoveToEx
CreateRoundRectRgn
SetBkMode
CreatePen
GetMapMode
CreateICW
BitBlt
DPtoLP

advapi32

StartServiceW
RegCreateKeyExW
GetUserNameW
SetSecurityDescriptorDacl

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE