55003d43c145a8d5c3cce2eb332382a2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55003d43c145a8d5c3cce2eb332382a2
Size

42KB
MD5

55003d43c145a8d5c3cce2eb332382a2
SHA1

972e71a2f9c1b48675fdfd4fa93649459da11bab
SHA256

db7f447ed59c9937bdf6a30a399aa46b14d8ebb7293d8fac69c76f5c3b6476ae
SHA512

a11ab92e1bb75529c65721ec83745918bc803e97dae97a25f4b5c71f8ef8ef051145d10f4785c74092838253389b51fe214fb222f43391ae58f4b71eb7bd147d
SSDEEP

768:5V4tpuBr32jMzrUhoh9u73pc69IJSBdwb/StBkdorwhdY:34vkLzfioLI5cUA4wbqbCoT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
55003d43c145a8d5c3cce2eb332382a2

Files

55003d43c145a8d5c3cce2eb332382a2
.exe windows:5 windows x86 arch:x86

21eb6245214a7aeb4ffd072bcdc09779

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
VirtualFree
ExitProcess
lstrcmpiA
VirtualProtect
IsBadReadPtr
GetProcAddress
LoadLibraryA
CreateThread
GetModuleHandleA

user32

DefWindowProcA
CreateWindowExA
RegisterClassExA
LoadCursorA
LoadIconA
SendMessageA
KillTimer
GetMessageA
DispatchMessageA
TranslateMessage
SetTimer

Exports

Exports

func1
func2
start

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ