5510f822d84d123c35b3c614dde9948d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5510f822d84d123c35b3c614dde9948d
Size

54KB
MD5

5510f822d84d123c35b3c614dde9948d
SHA1

3514bf63879030861bec5c9669be176abd79d60d
SHA256

ccc4ef8944558a8e3a07bff0fb71339ee36599f0673b9b7e37718cdf67d48337
SHA512

33a5b096fe698b7b243b7604e51e9672588be8a540a89da5d72e4e6e715ca615b4dceec0e22c83d41f712052fec736c7de0884c3d42a18696e28cbda4ce66550
SSDEEP

768:UJnQYyufZj4eTaLSGOinuPP47raTbiI4XjDITgv32dF3sCIwO5E:bYyiFT2SMnuPgPwbibfI43233slm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5510f822d84d123c35b3c614dde9948d

Files

5510f822d84d123c35b3c614dde9948d
.exe windows:5 windows x86 arch:x86

576aca5c3931d804fce09c86d62f4825

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

CryptReleaseContext

kernel32

ReleaseMutex

shlwapi

PathCombineW
PathFileExistsW
PathFindFileNameW
PathRemoveFileSpecW
StrStrW
wnsprintfA
wnsprintfW
wvnsprintfW

user32

CharLowerBuffA
CloseWindowStation
GetClassNameA
GetKeyboardState
GetKeyState
GetMessageA
GetWindowTextA
LoadCursorA
MsgWaitForMultipleObjects
PeekMessageA
SetThreadDesktop

Sections

.bop
Size: 44KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.buh
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ren
Size: 6KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ