5718b679b545a10bca84bbed459cbd84 | Triage

Sharing

General

Target

5718b679b545a10bca84bbed459cbd84
Size

320KB
MD5

5718b679b545a10bca84bbed459cbd84
SHA1

973a77338231f8cb327b028d2004979e18a7cd9a
SHA256

c14d030f998c6350f0fcf47bf0788bd2f85572fc13f6a1074a5bff1730bf503a
SHA512

c7f594a211af1da67edd7249200f9c617b494aacd6e0e1132be3bebb2ec7e00c922b4b54db79d383ee4d1a556ad78af427dd7382cd959e4b683c06870a04836e
SSDEEP

6144:DK6pei6FPeuUjy9Bu9Av/uW4u+AoXoQ+31bA+GWLdJxbmRZq9Om:mwj6F2fC6A8AoX7M5A+GW5bmRkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5718b679b545a10bca84bbed459cbd84

Files

5718b679b545a10bca84bbed459cbd84
.exe windows:4 windows x86 arch:x86

104d9c31e6f693c1289af84adca2fbb3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
IsValidCodePage
HeapDestroy
DeleteTimerQueue
HeapSize
GetStdHandle
lstrcmpiA
CloseHandle
ReleaseMutex
VirtualProtect
GetDriveTypeA
GetProfileStringA
ResumeThread
GetStartupInfoA
GetLastError
GetTickCount
GetTempPathA
ExitProcess
SetEvent
DeleteCriticalSection
CreateHardLinkA

advapi32

RegEnumValueA
LsaClose
RegCloseKey
CloseEventLog
RegQueryValueExA
ReportEventA
RegCreateKeyExA
LsaSetSecret
LsaFreeMemory
RegLoadKeyA
IsValidSid
IsValidAcl
AccessCheck
IsWellKnownSid
OpenEventLogA
GetSecurityInfo
FreeSid
GetFileSecurityA
CloseTrace
RegEnumKeyExA

apphelp

SdbFreeFlagInfo
SdbFindFirstTag
SdbFindNextTag
ApphelpShowDialog
ApphelpCheckIME

user32

CreateWindowExA

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ