Static task
static1
Behavioral task
behavioral1
Sample
5776f7f1dd7cc1ce5d0bff2e9e41c187.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
5776f7f1dd7cc1ce5d0bff2e9e41c187.exe
Resource
win10v2004-20231215-en
General
Target
5776f7f1dd7cc1ce5d0bff2e9e41c187
Size
220KB
MD5
5776f7f1dd7cc1ce5d0bff2e9e41c187
SHA1
3c7ba405e09d023eb524892c07ee9d3aac6a8ec1
SHA256
db2d0b5b7d7a2f523cbb1358d68449bda88a85cf3b68134e745911714b2598c8
SHA512
b9ef8895ec2fb022e2ef99595e80498a292470fdc72e61be456afacaf7d15965b04e3c90d3b3616c9368dbb21f380f37825c226e4100e5c3a637dd7ff7b504f8
SSDEEP
6144:6f8IgX5NrjPlyIpzHduWiupU3qkXAnRyz457ruN8O:6f8IOrjPlyKzHFFyaFMEFu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5776f7f1dd7cc1ce5d0bff2e9e41c187
Files
5776f7f1dd7cc1ce5d0bff2e9e41c187.exe windows:4 windows x86 arch:x86
cca3f55b304dff35eb7cf907d566eb44
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteFile
GetNumberOfConsoleFonts
HeapAlloc
GetPrivateProfileStringA
FlushConsoleInputBuffer
VirtualAlloc
OpenWaitableTimerA
HeapFree
GetEnvironmentStringsA
HeapSize
QueueUserAPC
HeapValidate
GetDevicePowerState
GetProcessVersion
OpenProcess
GetConsoleOutputCP
SetComputerNameA
Process32First
HeapDestroy
BeginUpdateResourceA
GetCurrentDirectoryA
GetCommandLineW
GetDefaultCommConfigA
SetFilePointer
IsValidCodePage
BuildCommDCBAndTimeoutsW
HeapSetInformation
GetExitCodeProcess
GlobalMemoryStatus
ws2_32
socket
Sections
.itext Size: - Virtual size: 816B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.text Size: 180KB - Virtual size: 842KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ