579c9382c899812044516f23620081d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

579c9382c899812044516f23620081d9
Size

129KB
MD5

579c9382c899812044516f23620081d9
SHA1

ae427f314f0246851a1ae7f4724cdf14d354900d
SHA256

d18679ef7d950ccdf5406742453b922ec537a0dc322f2c5d704e46cbf721c853
SHA512

e017dcc1b675948c3e3161611b707c85b2f97edca187dec451cc4ffe3dbc4546aa9dbb2681c567e0367e41177a7bc2aaeecf6172552a86f6c160f8d4c578a369
SSDEEP

3072:I4ZeiSp3OzfWNAawjKU8hG0Q+9CGT23itT+eSk7iDDr/2ug0Sy3G:wiO+LFjKhhdj9RYiIGug05G

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
579c9382c899812044516f23620081d9

Files

579c9382c899812044516f23620081d9
.exe windows:4 windows x86 arch:x86

d9691bcaaf21b285177cdc85f62abcfb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsFree
GetACP
VirtualProtect
CompareFileTime
ResetEvent
HeapReAlloc
GlobalUnlock
FindAtomA
SetEvent
InterlockedExchange
WaitForSingleObject
CreateThread
CloseHandle
GetConsoleCP
GetTickCount
LoadLibraryW
ExitProcess
GetModuleHandleA
GetVersion
GetAtomNameA
lstrlenA

user32

GetMenu
ScrollDC
PostQuitMessage
CopyRect
GetParent
SetSysColors
ModifyMenuA
InsertMenuA
GetMenuStringA
DestroyMenu
ShowWindow
DispatchMessageA
GetKeyboardLayout
EnableScrollBar
PostMessageA
UpdateWindow
InflateRect
TranslateMessage
SetPropA
GetSubMenu
GetScrollRange
MessageBoxA
GetWindowLongA
EqualRect
GetWindowTextA
LoadIconA
SetWindowPos
GetDlgItem
DialogBoxParamA

shlwapi

StrTrimA
StrToIntExA
UrlEscapeA
UrlCombineA
StrToIntA

imagehlp

ImageUnload

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ