57d11a68a3c9ca2fbb2f65ec59f10866 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

57d11a68a3c9ca2fbb2f65ec59f10866
Size

637KB
MD5

57d11a68a3c9ca2fbb2f65ec59f10866
SHA1

c59b6d33a279ebd004e0e4329b95bb2c48c87c42
SHA256

68920a96c41cfac8dd48100befa135341e29e3ab46a78f6d6483de83f6069ad6
SHA512

fccd70299e7c90ff9fa467edfa336cbcb1f8dd58dc8f55cb600f02a0d79bf69ddc652c0553379a8397cefd350b0c22ad7f20efb1d42e85850b94ace94827c91d
SSDEEP

12288:CEWMadSLnNiPUJLHb5h+jqfi8ayQu2NjE8UIZd/AOz7pqN5I0kHUQSAC:JXLnEMJjqWq8MNgBIrhc5GZSAC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57d11a68a3c9ca2fbb2f65ec59f10866

Files

57d11a68a3c9ca2fbb2f65ec59f10866
.exe windows:4 windows x86 arch:x86

e2cc0053d05bf55a218a245c297972e6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
lstrlenA
TlsFree
GetVersion
GetTickCount
HeapWalk
GetAtomNameA
GlobalUnlock
GetModuleHandleA
GetProfileIntA
FindAtomA
HeapReAlloc
GetACP
InterlockedExchange
CompareFileTime
LoadLibraryA
TlsGetValue
GetStdHandle
VirtualProtect
GetConsoleCP
CloseHandle

user32

DialogBoxParamA
GetMenu
TranslateMessage
GetKeyboardLayout
EnableScrollBar
InsertMenuA
MessageBoxA
GetScrollRange
DestroyMenu
SetPropA
CopyRect
SubtractRect
GetDlgItem
PostMessageA
PaintDesktop
UpdateWindow
PostQuitMessage
GetMenuStringA
ShowWindow
SetWindowPos
CreateCaret
ModifyMenuA
DispatchMessageA
EqualRect
GetWindowTextA
LoadIconA
InflateRect

msi

MsiEnumProductsA
MsiGetMode
MsiDoActionA
MsiCloseHandle
MsiEnumClientsA

ws2_32

WSAAccept

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ