5531149b5b60410480a338ca1b047165 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5531149b5b60410480a338ca1b047165
Size

18KB
MD5

5531149b5b60410480a338ca1b047165
SHA1

55f1b011eab1e40c594aad77ec84a6f2a1b613e0
SHA256

89f7dc5946ebffe6898b315136c26db18cddd8af3384b145456567a38a861888
SHA512

916fc881a9a5d1c67c5d896b4bef5d0764d063d4159d055bfa2b269cfb88bc78d9475fad2fc7eefdea473bae39e4d6ff2d4d9ddc34dd7dd9e3f5cd59cf8bca06
SSDEEP

192:NbxdiqzPxXpmPeuo4DwLYW0/Yeawx7yXe0VC8Pjtp8rYxRFJzw/4HUkT59UeyOaR:NCKoPeX/XxRA4HUkd9jk6BgdalIBys

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5531149b5b60410480a338ca1b047165

Files

5531149b5b60410480a338ca1b047165
.exe windows:4 windows x86 arch:x86

44c7b344f7b1ab361227b93b51fd165c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

crtdll

memset
strlen
_strnicmp
strncmp
strncpy
strcpy
strcat
localtime
mktime
gmtime

user32

wsprintfA
wvsprintfA
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
IsWindowEnabled
GetForegroundWindow
EnableWindow
EnumWindows

wininet

DeleteUrlCacheEntryA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

urlmon

URLDownloadToFileA

comctl32

InitCommonControls

kernel32

GetModuleHandleA
GetCommandLineA
ExitProcess
HeapCreate
GetSystemDirectoryA
HeapDestroy
HeapAlloc
HeapFree
GetCurrentThreadId
GetCurrentProcessId
WaitForSingleObject
Sleep
GetDriveTypeA
FindFirstFileA
FindClose
HeapReAlloc
CreateFileA
CloseHandle
ReadFile
SetFilePointer
GetFileSize
WriteFile
GetLocalTime

shell32

ShellExecuteExA

Sections

.text
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.flat
Size: 512B - Virtual size: 183B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE