57a2e5295719327eb7006d451751acf9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57a2e5295719327eb7006d451751acf9
Size

6KB
MD5

57a2e5295719327eb7006d451751acf9
SHA1

c177fa35e30f3cd844a7b00156775498b63999b9
SHA256

e4389da41a464bd3c523a07c583a8854cd8a4e770fa15af65133d5ae9fc383c9
SHA512

8284bd1536ce108f56cb77774692b41fd7cac7a63611b33272a494aac0e602133b7e8b95e0427c27c7e3a04b5e28ff77971090d1c4210b51ff41361981266e12
SSDEEP

192:t3MMN76n/LjVHXH455ijyP1oyLTnHjRG:tf76/lXH455iI1VnHj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57a2e5295719327eb7006d451751acf9

Files

57a2e5295719327eb7006d451751acf9
.exe windows:4 windows x86 arch:x86

dba7913bfaa23949da7b41699218c784

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FindWindowA
GetWindowThreadProcessId

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

msvcrt

_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf
malloc
free
memset
_except_handler3
memcpy

kernel32

CloseHandle
OpenMutexA
lstrlenA
GetTickCount
ExpandEnvironmentStringsA
lstrcpyA
GetModuleHandleA
GetProcAddress
LoadLibraryA
DeleteFileA
ExitProcess
Sleep
GetModuleFileNameA
GetStartupInfoA
CreateProcessA
VirtualAllocEx
WriteProcessMemory
GetThreadContext
SetThreadContext
OpenProcess
ResumeThread
TerminateProcess

Sections

.text
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 316B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE