5404f45dc71ec71f775c899d1e600995 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5404f45dc71ec71f775c899d1e600995
Size

484KB
MD5

5404f45dc71ec71f775c899d1e600995
SHA1

cc768b55a83e4773ac9bf88c40cadd6fb2ca19f8
SHA256

b2aa5bf3311b7ded566f9fce1009d68cb3a9157f769f990a5102843c0dd0ca4e
SHA512

9694336e8d35e8a72426a5b6c7c2c1ddba5bf5f6e6b9845933c228e285d4039877fb0360ebddb932bc06e326319642fda88874526ef359e1ec64c0c5bef814d2
SSDEEP

12288:tjCwfjtJ+7aDgQ/C9ykw6/gGbeMMG2yl:trfjtY+DNVGbezG2y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5404f45dc71ec71f775c899d1e600995

Files

5404f45dc71ec71f775c899d1e600995
.exe windows:4 windows x86 arch:x86

5fb087843ab7a8c668e2cf2170facd5a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

DbgUiContinue
RtlInitializeSid

kernel32

GetLastError
GetCurrentProcessId

Sections

.text
Size: 477KB - Virtual size: 480KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE