5436926aee6593a0cb62ad0ddf3fb6d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5436926aee6593a0cb62ad0ddf3fb6d9
Size

54KB
MD5

5436926aee6593a0cb62ad0ddf3fb6d9
SHA1

f0bdc595b3007f119436293a6ede9e62c48ceefd
SHA256

b04b55226552beb70f598dca83694bf6fecfe972347f3843f2fd647858b4b9d8
SHA512

24a7a4fef6517fe9a602e5f7a8e68277fd090a350d9d84bd2f1d7d0cf497e637996c58d236cfed3089e26e6bb71bb1497702eb692e7d8ff3456f45966ac3f905
SSDEEP

1536:niRsUuNLx/21uq2/nbLZBlYpyun1RFzjRFU/uMoY:ni1uNN/o2/bLfGQuDVjQAY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5436926aee6593a0cb62ad0ddf3fb6d9

Files

5436926aee6593a0cb62ad0ddf3fb6d9
.exe windows:5 windows x86 arch:x86

e0d67fda2a696cb2a2fc05aea973ff95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFree
VirtualAlloc
GlobalAlloc
VirtualFree
ExitProcess

gdiplus

GdipCreateHBITMAPFromBitmap
GdipGetImageWidth
GdiplusStartup
GdipCreateBitmapFromStream
GdipGetImageHeight
GdiplusShutdown
GdipDisposeImage

gdi32

DeleteObject
GetDIBits
DeleteDC
CreateCompatibleDC

ole32

CreateStreamOnHGlobal

comctl32

ord17

ntdll

memcpy

Sections

.text
Size: 1024B - Virtual size: 630B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 736B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ