56b8e1eb069f75b330b0af7269877ba5 | Triage

Sharing

General

Target

56b8e1eb069f75b330b0af7269877ba5
Size

107KB
MD5

56b8e1eb069f75b330b0af7269877ba5
SHA1

8d3628b6dd8e1a5d9e4388857792555d44ef62b7
SHA256

d5ebcd6389d1f6de2d3a142e372d4415d052eec3c93c74783d37b8fc2c67aac1
SHA512

e5fc237f5b172619121ec0b98d34ba5242cd3fe3541a3cc58fd08baed02dbe61ee5a40458b86cccd7826bba4e754d997425a3539788b40c26cfce5faf9fa99ee
SSDEEP

1536:bzPoXicezL5+fWZnHlvverKxrzgfyHLi0O1xNqnsaWI6qgxcZI74tCZaEibjMp:XwOR+fWZnFoKyf0O7oIVs/Pkp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
56b8e1eb069f75b330b0af7269877ba5

Files

56b8e1eb069f75b330b0af7269877ba5
.exe windows:4 windows x86 arch:x86

cd987d906f355abc98594c35a5ade7e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

DestroyIcon

gdi32

StretchDIBits

comdlg32

PrintDlgA

advapi32

RevertToSelf

shell32

DragQueryFileA

ole32

CoTaskMemAlloc

msvcrt

atol

comctl32

ImageList_Destroy

shlwapi

PathRemoveExtensionA

Sections

.text
Size: 22KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 84KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE