572088b2fcd56985e5a5cb8a44200a6f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

572088b2fcd56985e5a5cb8a44200a6f
Size

71KB
MD5

572088b2fcd56985e5a5cb8a44200a6f
SHA1

60bdbbc5c464e525fc36db3ddaa398a494f02505
SHA256

f8cef2a94f2a980aa9c3e757d9925d1cf13e9594577aa050f6c360015b3f04d1
SHA512

cbaf401d1c917785fe10115bcd04f26ff4ad7c6e10dc9f852bc9bfa62aebc07474c3691f89bc44b509128dbd4620944e58eedc91e5807934a4002014b1c9dd2f
SSDEEP

1536:TinVdU8m6l3y2DvWTbPVR/nLtHqSSbswJxZzpt7lipZ:TgVdhPo2DuLZqSSwUPNt5YZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
572088b2fcd56985e5a5cb8a44200a6f

Files

572088b2fcd56985e5a5cb8a44200a6f
.exe windows:4 windows x86 arch:x86

029b35043f62f8374165b25e05314839

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetComputerNameExA
Thread32Next
UTRegister
GetShortPathNameA
BeginUpdateResourceA
GetPriorityClass
GetVolumePathNameW
FormatMessageA
ExitVDM
CreateEventW
SetConsoleMode
InterlockedPopEntrySList

Sections

.text
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

rdata
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 57KB - Virtual size: 94KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE