5723881d1d54bf2b17df276a0ea65089 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5723881d1d54bf2b17df276a0ea65089
Size

10KB
MD5

5723881d1d54bf2b17df276a0ea65089
SHA1

4c9c76a29a06cf93f08c770e52718cc6aa280910
SHA256

99a3d47732c22bda3d86fea5f74756f6d1338c64c9910fc937cfb9dad4b8abe9
SHA512

220d5d33f77c07e5aa24d64f06ad1ebf8707575f8f3d98bdfbc66da71fb24a36f2514323f25f3965931c4967f1115e0c1e3c11f2b4ab0a8c5cc8bb9e1e55ef4e
SSDEEP

192:8x0ttK0hXKNEeVgnk3IIl5a06tcPCTR7UW:8xGhXKNEeVgnk4y8ZMa7UW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5723881d1d54bf2b17df276a0ea65089

Files

5723881d1d54bf2b17df276a0ea65089
.exe windows:4 windows x86 arch:x86

5ab6b5a9c55b4653c27144dc89f4fff0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

StrStrA

kernel32

GetLastError
GetCommandLineA
ExitProcess
GetProcAddress
LoadLibraryA
WideCharToMultiByte
CloseHandle
ReadFile
SetFilePointer
CreateFileA
GetModuleFileNameA
GetFileAttributesA
TerminateProcess
Sleep
CreateDirectoryA
GetCurrentProcessId
Process32Next
Process32First
CreateToolhelp32Snapshot
GetStartupInfoA
GetModuleHandleA
HeapFree
GetProcessHeap
HeapAlloc

shell32

ShellExecuteExA

user32

wvsprintfA

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE