543e7b720f888da0d9ce4184a798f42b | Triage

Sharing

General

Target

543e7b720f888da0d9ce4184a798f42b
Size

40KB
MD5

543e7b720f888da0d9ce4184a798f42b
SHA1

84c3148359b3b9a1984f23c44614e0373aae4e45
SHA256

7c33f52cb885148b07b789675f0d0cbee594abaa4db80e236eac29d5cb438540
SHA512

05f2035cb30e0bbe6f2d979f7d789475a909fff563975774af4677c2006bafb925a09cf907691abb4358c0a4cf2a19c993f0e5ec076b0088060ce29e5317b717
SSDEEP

768:PXqV66DHeCL8DJVTiQQsOazF64xHk2rqWWQUS8FOjIlMv:Pao6DHe9zTph3zFTxZf8iv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
543e7b720f888da0d9ce4184a798f42b

Files

543e7b720f888da0d9ce4184a798f42b
.exe windows:4 windows x86 arch:x86

e580ee376c97aba9f5537f019c95f55a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumResourceTypesA
ExitProcess
FoldStringW
FreeLibraryAndExitThread
GetDiskFreeSpaceExW
GetThreadContext
GlobalHandle
ReadFile
SetEndOfFile
SetFileAttributesA
SwitchToThread
TlsAlloc
Toolhelp32ReadProcessMemory
lstrcpy

advapi32

AddAce
CryptGetKeyParam
DuplicateTokenEx
GetMultipleTrusteeOperationW
GetServiceDisplayNameA
GetSidSubAuthorityCount
LookupSecurityDescriptorPartsA
RegQueryInfoKeyW
SetEntriesInAccessListA
SetServiceBits
SetServiceObjectSecurity
StartServiceW

shell32

DragFinish
DragQueryFileAorW
DragQueryFileW
ExtractIconResInfoA
FindExeDlgProc
InternalExtractIconListW
SHBrowseForFolderA
SHHelpShortcuts_RunDLL
SHHelpShortcuts_RunDLLW
SheChangeDirW

gdi32

CreateDIBSection
CreateEllipticRgn
GdiComment
GetCharABCWidthsFloatW
GetCharWidthFloatA
GetDeviceGammaRamp
GetFontLanguageInfo
GetKerningPairsA
GetPath
GetRandomRgn
InvertRgn
PlgBlt
SetBkColor
SetColorSpace
SetWinMetaFileBits

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE