57f8cdfd9729d8aeef889d422ed44a87 | Triage

Sharing

General

Target

57f8cdfd9729d8aeef889d422ed44a87
Size

116KB
MD5

57f8cdfd9729d8aeef889d422ed44a87
SHA1

ef1cebc2e4e6d76f4100e90c6443f688c8ac0f82
SHA256

a1297ebe85b9185f7684c931f3828b0c5492b756a54f85b523905eeb8e65e20e
SHA512

21627f5b84872b8e923170b9b946fd4ca5b289590d7d3677832bdd7d9230223909e6095f58191ca5116d0bf2b090bc77af7f98dfd90d5f0222e10d52839165d4
SSDEEP

3072:lEExdVQYVXpuAVd0wjKwNCtWQCWNwuNjIHxows:xdyOdpKwNQWLWn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57f8cdfd9729d8aeef889d422ed44a87

Files

57f8cdfd9729d8aeef889d422ed44a87
.exe windows:4 windows x86 arch:x86

119ba01abad812c4a461368344bcd6cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetModuleHandleA
GetProcAddress
LoadLibraryA
RtlZeroMemory
VirtualAlloc
VirtualFree
VirtualProtect

Sections

.pepsi
Size: 110KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 5KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE