542a0d23bad21f26360c6c617e5dc524 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

542a0d23bad21f26360c6c617e5dc524
Size

184KB
MD5

542a0d23bad21f26360c6c617e5dc524
SHA1

523d35fbc6a201ee53ef4569cc5ffebff577c90d
SHA256

0a844ab98ff5b1f945c0971fe9594c0210cd541b1cc9c7fa483e9f0f8465d8ec
SHA512

8e13dc66bbf0e418caae53b3beab812be8af6ef51db2659e14a24a183f7f3cdf7e5680dd39f573249ed8a7a9b8ffb7dc8f27b304bb7f99d080f5269b8835865b
SSDEEP

3072:BsoxDyXnoqV9ueZ4PdEW9CpmnFZkNRaWWGaiBTBVAAudv5bXEj95V2wB:BskDCnDueGPdwpmFMaQBTBVAA8TwB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542a0d23bad21f26360c6c617e5dc524

Files

542a0d23bad21f26360c6c617e5dc524
.exe windows:5 windows x86 arch:x86

0b4db2ae28f0fa724a4cb7ff2e6a4129

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTimeZoneInformation
SuspendThread
LoadLibraryW
SetThreadContext
GetACP
FindResourceExW
AreFileApisANSI
GetCommandLineW
lstrcmpiW
DeleteFileA
IsDBCSLeadByte
GetProcAddress
CreateSemaphoreA

user32

WindowFromPoint
DrawMenuBar
SetCursorPos
GetScrollPos
GetWindowLongA
KillTimer
RegisterClassExA
GetWindow
MapDialogRect
GetSysColor
ValidateRect

gdi32

GetTextFaceW
CreateSolidBrush
CreatePolygonRgn
GetTextExtentPoint32W
RemoveFontResourceW
SetAbortProc
GetObjectA

comdlg32

GetSaveFileNameW
FindTextW

Exports

Exports

?shwzCfvLOyezctzor@@YGMF@Z

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 1024B - Virtual size: 606B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 143KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crt
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ