Static task: static1
Behavioral task: behavioral1
Sample: 57609d47af8a1d5971dc0807308d05e9.exe
Resource: win7-20231215-en
General
Target: 57609d47af8a1d5971dc0807308d05e9
Size: 9KB
MD5: 57609d47af8a1d5971dc0807308d05e9
SHA1: 21bdf9e443b47baf92009ad5a4be1797d5d8e436
SHA256: 559560f7142033d4e47593efb6c2210b1d75a5813911aabc0d9912535287b323
SHA512: 7660f03670581b60a9a35906f77d655b32ad20aa674dbde25e67dc22959d3c5d5dce813d1ee06bb339c857f8a9cecf2933af71cf96a7a3c8b2ea4a5364436b72
SSDEEP: 192:1WwbbVAowQGkAmjSvJWM4sxgc4xhmEct31woIcCIm+Z2A:1WECZkAOSvS+gcd3DC+Z2A
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 57609d47af8a1d5971dc0807308d05e9
Files
57609d47af8a1d5971dc0807308d05e9.exe windows:4 windows x86 arch:x86
552e66b0214de7878c39d756226fa254
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CommConfigDialogA
CopyFileExW
CreateTapePartition
ExitProcess
GetVolumeInformationA
GlobalAlloc
HeapCompact
OpenFileMappingA
QueryDosDeviceW
SetHandleCount
Thread32First
UnhandledExceptionFilter
lstrcmpiA
advapi32
CreateProcessAsUserA
CryptDestroyKey
CryptSetProviderExA
EnumDependentServicesA
GetExplicitEntriesFromAclW
GetMultipleTrusteeOperationW
QueryServiceObjectSecurity
RegEnumKeyExA
RegSaveKeyA
user32
CreateMenu
GetWindowTextA
InsertMenuItemA
LookupIconIdFromDirectoryEx
SetLastErrorEx
SetMessageExtraInfo
SetProcessWindowStation
TileWindows
UnloadKeyboardLayout
shell32
ExtractAssociatedIconA
ExtractIconEx
InternalExtractIconListW
PrintersGetCommand_RunDLLW
SHFileOperationA
SHGetInstanceExplorer
ShellExecuteW
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE