5814824df46b9722227d35614551109a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5814824df46b9722227d35614551109a
Size

160KB
MD5

5814824df46b9722227d35614551109a
SHA1

0cf24c68eaba727aea1736ffaf78ff39b77d019a
SHA256

66c5fcff53272685ffbb1dd00474d40af17aae8db0e4f3d24a100d5f6927551d
SHA512

81bb60ff0fc502d10a2c5eb2faa4e5e65098ae674ca739861cc805c995c54d8f48c0002deff9511b71d42d34b4e54f9ed70b1fdcf9d23f24474c350ae42c4daa
SSDEEP

3072:EU0xOmAN2Igq9/jT3ApdoyEOkQebOURfmCzajDLzBrau9XNRnd:EVa28H3CqOkoUROCzaDlraGXNR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5814824df46b9722227d35614551109a

Files

5814824df46b9722227d35614551109a
.exe windows:4 windows x86 arch:x86

27577e98c7c89bafdb6ca2f030c3a902

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringA
GetPrivateProfileStringA
GetConsoleTitleA
CreateDirectoryW
DisconnectNamedPipe
SleepEx
WriteConsoleOutputCharacterW
GetCurrentProcess
WaitForMultipleObjectsEx

user32

LoadCursorFromFileA
CallNextHookEx
EndDeferWindowPos
GetProcessWindowStation
PtInRect
DlgDirListW
OpenWindowStationW
DdeQueryStringW
CheckRadioButton
SetWindowRgn

gdi32

GetTextFaceA
UnrealizeObject
SetMapperFlags

Sections

.text
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 758B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data0
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE