58084981e63d6f7dea28197338e5c159 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58084981e63d6f7dea28197338e5c159
Size

47KB
MD5

58084981e63d6f7dea28197338e5c159
SHA1

838396a169d5a530151055d1a2770f59892fa9ff
SHA256

ec2fe433e3ceccf14bdb551f2bd963cd0a2b6342b228ac884e0b24244da3b7f1
SHA512

e0c28718ee35088d85e0b4e869168c4820f014b819fa6fb222a694e00c005357e3c258b84f3c4d4d06db9f3a9124b1fff6f4bb6339dea77ece0b2594a517b4c2
SSDEEP

768:vyDX6EH7dv774yndQ47ExYE7SoPAEc893eh1BDqsG3dut3nYdNZL1Xv:vWXb3tdP4xdSoPp9uVDlG0hYdNZL1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58084981e63d6f7dea28197338e5c159

Files

58084981e63d6f7dea28197338e5c159
.exe windows:5 windows x86 arch:x86

32d6021260ea372235555fe220c319cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

GetWindow

advapi32

RegCloseKey

ole32

CoInitialize

shell32

ShellExecuteA

shlwapi

PathGetArgsA

ws2_32

send

netapi32

Netbios

Sections

.MPRESS1
Size: 44KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE