Static task
static1
Behavioral task
behavioral1
Sample
54f312978244b0515c9aaea832f67781.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
54f312978244b0515c9aaea832f67781.exe
Resource
win10v2004-20231222-en
General
Target: 54f312978244b0515c9aaea832f67781
Size: 32KB
MD5: 54f312978244b0515c9aaea832f67781
SHA1: 28404857203065540a4dd510e3d7ee6ad40ae12a
SHA256: 26c3e359831a5ed34d8ca6f0ddb5d15d49d0c6bf1d4e61c39ab2920cdd82ed20
SHA512: a1fb734812beca3db5cc6dd37501627f811a9c1605906cec8e82da9ff8fe0ebf433d2613161c5fdff7e2723553a0d54bb1bb85e0e9a5650e43f3909252181da4
SSDEEP: 768:IqAPxziNzZnRTd5ulMFlgtOZNTUY0qjmRMsv4wc:9q+NzZnn5DlJNQPF2+41
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 54f312978244b0515c9aaea832f67781
Files
54f312978244b0515c9aaea832f67781.exe windows:4 windows x86 arch:x86
eef9eb0214ccee30d869ed756cd4c9c2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
lstrcmpiA
Process32Next
OpenProcess
TerminateProcess
Process32First
CreateToolhelp32Snapshot
SizeofResource
GetModuleFileNameA
DeleteFileA
CopyFileA
Sleep
lstrcatA
lstrcpyA
lstrcpynA
LoadResource
CreateFileA
LockResource
WriteFile
CloseHandle
WinExec
GetWindowsDirectoryA
user32
wsprintfA
advapi32
RegSetValueExA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 826B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 536B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 17KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ