55490735455f5666e362770558bc8f13 | Triage

Sharing

General

Target

55490735455f5666e362770558bc8f13
Size

629KB
MD5

55490735455f5666e362770558bc8f13
SHA1

11c159dec50de09f87232cfa3bffbc9040fa4cd0
SHA256

4b4195ee3ec1173fd4f808324e7c209d5500aa8b35ac49dfede92d19ba7f0d86
SHA512

e42c9ede2296d6f5993b14ed68bba6f7ee6092136a082a4982c7dd2fe31986e748599c92901b81adb5a01bd645cee7723f96f315ab380f8973a174499c02b0eb
SSDEEP

12288:xNoZ85knDae+6fAq5bb1uhDwpxme1uoRWrRbz1UaCKtk0PN/i63j:xNoDDae/f55bcPe1LWbUa5BPll3j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Kostenaufstellung-622011-673610223.com

Files

55490735455f5666e362770558bc8f13
.zip
Kostenaufstellung-622011-673610223.com
.exe windows:5 windows x86 arch:x86

5320c32fa5b92d40af26784d8a06b50a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

rsaenh

CPDecrypt
CPEncrypt
CPCreateHash
CPDeriveKey

kernel32

GetCurrentThreadId
LoadLibraryW
WriteConsoleA
GetShortPathNameW
CloseHandle
HeapAlloc
VirtualAlloc
OpenFileMappingW
CreateSemaphoreW
LoadLibraryA
CreateProcessA
OpenMutexW
lstrcmp
FindClose

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ydata
Size: 660KB - Virtual size: 659KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ