5854f3b6113fb4bd02e17358f6032fa9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5854f3b6113fb4bd02e17358f6032fa9
Size

485KB
MD5

5854f3b6113fb4bd02e17358f6032fa9
SHA1

a0a99c42c262712c1d45c9d934e4beee79d70974
SHA256

45aa0319112b85541d986c8ab5dcb4943c44cc83734925c5f283790eccd2011e
SHA512

50fca95be526566e99c4c924f35fd85fe1d52225c8d8ce4e47d3e58bc8fa6f58919c102416e8d9e5b33dca6339f2097ca4eb868f3d56b079b58973806baf5233
SSDEEP

12288:33asmyy2KOqLKuNQEcHV2Wl9IOsySEtM9cCbQF+RCoFFX1t:nasmyy2zqHNfcHsBySEtwyF+RF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5854f3b6113fb4bd02e17358f6032fa9

Files

5854f3b6113fb4bd02e17358f6032fa9
.exe windows:4 windows x86 arch:x86

d4a84db4fec706017461c0e97df062ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

advapi32

RegQueryValueExA

comctl32

ImageList_SetIconSize

gdi32

UnrealizeObject

ole32

CreateStreamOnHGlobal

oleaut32

SafeArrayPtrOfIndex

user32

WindowFromPoint

wsock32

WSACleanup

Sections

CODE
Size: 477KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE