56084e4895d76fb103efb4b4c868d458 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

56084e4895d76fb103efb4b4c868d458
Size

241KB
MD5

56084e4895d76fb103efb4b4c868d458
SHA1

16df2278d1bd5c691b66be90a30e2482d8bd5d49
SHA256

e99c17724019e60c062adf210c2cccb57499ebe4a71d448d53acd933a595a39e
SHA512

677ed399c4a5779b86f2fddd7fb98563841b6cd468df7403f478ea8ea03f2de9d3528b94361ab028f63b18e4d8022a966e74806d90ac0a2c11160ab5b8708052
SSDEEP

6144:tHX8cOQHmxVDprCwBrfazfsRj8LZsxbzSNmbofyL11s:pX8jQGxjLwkRj8FsxbzSNqo6LY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56084e4895d76fb103efb4b4c868d458

Files

56084e4895d76fb103efb4b4c868d458
.exe windows:4 windows x86 arch:x86

172976de20e39c8923d80538b101b221

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsSetValue
GetCurrentThreadId
lstrcatA
GetCurrentProcessId
VirtualAlloc
GetDriveTypeW
GetSystemDefaultLCID
GetModuleHandleW
IsDBCSLeadByte
GetModuleFileNameA
GetCurrentProcess
TlsFree
GetACP
FreeLibrary
lstrcmpA
GetLogicalDrives
TlsAlloc
GetCurrentThread
TlsGetValue
GetCommandLineA
GetUserDefaultLangID

user32

GetWindowTextLengthA
GetFocus
GetWindowLongA
IsWindowVisible
BeginPaint
GetClassLongA
GetWindowDC
RegisterClassA
CreateWindowExA
GetWindow
GetSystemMetrics
GetActiveWindow
GetForegroundWindow
GetDC
ReleaseDC
UpdateWindow
GetWindowTextA
IsIconic
ShowWindow

shell32

StrCmpNIA
StrChrA
StrChrIA
StrCmpNA
StrRChrIA
StrRChrA

msctf

TF_GetThreadFlags
DllGetClassObject
DllRegisterServer
DllCanUnloadNow

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ