54fac4037a5ab932f0f98ef0cd7d634d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

54fac4037a5ab932f0f98ef0cd7d634d
Size

179KB
MD5

54fac4037a5ab932f0f98ef0cd7d634d
SHA1

9c9e8c77c6c900c128af54c83a51f7195e732608
SHA256

141f82a30d50fbae6fca2210bad0f9483abd771368a553d86158b3afabc7348c
SHA512

5f7cf059612b0e78911441d6d5957fcde315f7cd7cc0a56c1ec2abd58d8e67378e00064b1cbcc84fa5a87d9d34f43c35178588127989f12f2cffa03007cea408
SSDEEP

3072:8r1+/HRWZ6kT9rJ9QDDTRMbew5G9yoqXpcM6PMfUAZK6MOaxpAoPnXRWh:C+p7ctbQ6bWCp56Ea658FQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
54fac4037a5ab932f0f98ef0cd7d634d

Files

54fac4037a5ab932f0f98ef0cd7d634d
.exe windows:4 windows x86 arch:x86

80524c90af24ddebbfac78239799e4c3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcessId
TerminateProcess
IsDBCSLeadByte
GlobalGetAtomNameA
GetCommandLineA
SizeofResource
GetProfileStringA
GetFileAttributesA
GetPrivateProfileSectionNamesA
GetPrivateProfileStringA
WritePrivateProfileStringA
FindResourceA
SetErrorMode
GetProcessTimes
CreateFileA
EnumResourceTypesA
SetUnhandledExceptionFilter
GetPrivateProfileIntA
lstrcpyA
GetModuleFileNameA
WriteProfileStringA
LocalAlloc
GetTickCount
IsSystemResumeAutomatic
FormatMessageA
CreateDirectoryA
LoadResource
lstrcatA
LoadLibraryExA
GetPrivateProfileSectionA
lstrcpynA

version

GetFileVersionInfoA

shell32

SHIsFileAvailableOffline
SHGetFileInfoA
ShellExecuteExA
DragAcceptFiles
SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ