540f75d9517467be01ed26574d3f7509 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

540f75d9517467be01ed26574d3f7509
Size

41KB
MD5

540f75d9517467be01ed26574d3f7509
SHA1

58ffd4f73845fcc075d6d7d47f140cfbe9b403be
SHA256

e9b0110e2e101773d04332d5e78e53d553c86f9d00cce6dd79b755a6acc80b4f
SHA512

c1973277a21bba547e7db6a784cde97628927b8c6efefe5e851c43d73c2d4f7cbf38de7ba86d86c02c09faa98a24053ea90c2fe9451553b9a97d4cdb9e32bf1c
SSDEEP

768:T6MBLlkUdtlG5U+lwd7oZ2Ki05ti1dFp1a+zdXQzFV4HWoS4YFvXqEjSwC0:mMBLlkUvgy+O8tiTZK9wCC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
540f75d9517467be01ed26574d3f7509

Files

540f75d9517467be01ed26574d3f7509
.exe windows:4 windows x86 arch:x86

ae0a5112fe1176f4e5f6e1bc95e4c209

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

kernel32

FreeLibrary
lstrcatA
GetModuleFileNameA
ExitProcess
LoadLibraryA
GetProcAddress
lstrlenA

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 1024B - Virtual size: 556B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 404B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ