58145fb9cbd6fb532f92c9462dfb0f54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

58145fb9cbd6fb532f92c9462dfb0f54
Size

136KB
MD5

58145fb9cbd6fb532f92c9462dfb0f54
SHA1

0003913fcc5110a9df5e51922fd20f937a0f6a3e
SHA256

6b2c56da17c713f5d9b490dca050ad5b515af17eb6fcfce621028b520eed88d5
SHA512

fab6ac103a8dbe97f888cc2738ebc38e1116152079b10f79c88c2447ad5e1695c95206cae194784296a877bde4a422447beb48e8904646f0c84baa5023bd25ea
SSDEEP

3072:JpB64r8482bdRUaFESdtprbG1bWO6yqAK83N0hbU1o:fB64r89MUUESLpwZNm80VU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
58145fb9cbd6fb532f92c9462dfb0f54

Files

58145fb9cbd6fb532f92c9462dfb0f54
.exe windows:4 windows x86 arch:x86

0cefd6bc459e56d19c4340a16d47b523

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitThread
GetModuleHandleA
FindAtomA
AddAtomA
VirtualFree
FreeResource
VirtualAlloc
GetProcAddress
FindResourceA
SizeofResource
LoadResource
LockResource

user32

TranslateMessage
wvsprintfA
WindowFromDC
ValidateRgn
VkKeyScanA
WinHelpA

advapi32

CryptGetHashParam
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSaveKeyA
CryptDecrypt
RegUnLoadKeyA
CryptGetKeyParam
RegCloseKey
CryptSetProviderA
RegQueryMultipleValuesA
CryptSignHashA

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 876B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 115B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ