57b3aa822516c615c35a148e0e4e0699 | Triage

Sharing

General

Target

57b3aa822516c615c35a148e0e4e0699
Size

1.1MB
MD5

57b3aa822516c615c35a148e0e4e0699
SHA1

734a52a84f4168edbb614a75dda943ab526a0cee
SHA256

774d7ea69faef2e639e8ed5b442dad1e051feb65cd1fa5a2be1bd8dd48e89a35
SHA512

5e11c9a675d25740d3331a5b67bab0aeb02058d0ddbf6759b20cecb487b882eb9f77a2c7586291b40b76af8e64c7df4b613ff090797c588323227f7b368ff01f
SSDEEP

24576:FjEnb9dNrBKdONxbnu+7cavIeAABhMGuerLH:Kb9dNrBSUuSIeAAnMGuer

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57b3aa822516c615c35a148e0e4e0699

Files

57b3aa822516c615c35a148e0e4e0699
.exe windows:8 windows x86 arch:x86

41a2b0b8378127a87e0b8a2b277e360c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcessHeap
ExitProcess
InitializeCriticalSection
ReadFileEx
GetCurrentThreadId
EnterCriticalSection
CreateFileA
CloseHandle
GetVersion
WaitForSingleObject
SetFilePointer
LeaveCriticalSection
ReadFile
VirtualFree
CopyFileExA
VirtualAlloc
GetFileAttributesExA

activeds

ADsOpenObject
AdsTypeToPropVariant
PropVariantToAdsType
ADsGetObject
ADsGetLastError
ADsSetLastError
ADsFreeEnumerator
PropVariantToAdsType2

shell32

PathYetAnotherMakeUniqueName
DllCanUnloadNow
RestartDialogEx
DragQueryPoint
IsLFNDriveA
PathIsSlowA
DragAcceptFiles
Control_RunDLL
IsLFNDrive
Control_RunDLLA
ILIsEqual
RestartDialog
ILFindChild
PrintersGetCommand_RunDLLA
ILFindLastID
ExtractIconA
ILAppendID
ILGetNext
RegenerateUserEnvironment
PifMgr_CloseProperties
GetFileNameFromBrowse

Sections

.text
Size: 525KB - Virtual size: 525KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrcs
Size: 433KB - Virtual size: 3.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ