5507c9480d43deddbc81468c7723bf49 | Triage

Sharing

General

Target

5507c9480d43deddbc81468c7723bf49
Size

108KB
MD5

5507c9480d43deddbc81468c7723bf49
SHA1

3a268f2dfb75f8e37c993ab01d6c2f9ec394aa61
SHA256

35be249961d1be52a9eb56467d6edd10f68f43f34022f1db31ed787565a73a40
SHA512

ea6523b24e7d97654de752609d9ed3f20b13da83bf794dc963eaf3981134b168231549f34a38d5e8dd19771b0aac241d1b887f8c496f0719c969875f91068c81
SSDEEP

3072:xw3itXeoTHmcns3F/4AiExJl6toklZZNIOeSKjoLUk:xISTGcns3Xi6JkFZNIOejzk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5507c9480d43deddbc81468c7723bf49

Files

5507c9480d43deddbc81468c7723bf49
.exe windows:4 windows x86 arch:x86

253553e27c720289e902b012fec26137

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateFileA
IsBadReadPtr
SuspendThread
ReadFile
GetCurrentDirectoryA
GetEnvironmentVariableA
EnterCriticalSection
GetFileAttributesA
CloseHandle
SetFileAttributesW
GetVersion
FindAtomW
VirtualAlloc
GetModuleHandleA
GetCommandLineA
DeleteAtom
HeapSize
SetEndOfFile
GetFileSize
ExitProcess
SetLastError
WaitForSingleObject
SetLastError
DeleteFileA

cryptui

CryptUIDlgFreeCAContext
DllUnregisterServer
LocalEnroll
CryptUIWizDigitalSign
DllRegisterServer
CryptUIWizBuildCTL
CryptUIWizExport
CryptUIWizImport
CryptUIStartCertMgr
WizardFree
CryptUIDlgViewContext
WizardFree
LocalEnrollNoDS

winrnr

NSPStartup
NSPStartup
NSPStartup
NSPStartup

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ