5896b260e63a8158e24f9cb809e56a90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5896b260e63a8158e24f9cb809e56a90
Size

284KB
MD5

5896b260e63a8158e24f9cb809e56a90
SHA1

fdef5a5455809fe19fde955aeabb37fe4512e6cb
SHA256

f1685891d29e3d79fd6f099663cc74dd813ac459c39c01172c41af049d80ace7
SHA512

1397aea6de11f875223ae853384b59c159654963624ef651950255d18e4f8f61a28a6deb8414a8d192abbae6fd86cfbf9009ffacbff36cf3daa013f8f24ac1f0
SSDEEP

6144:EU2pjZHZ/y5IUWWug95oTjXpsJ1GhxmmTzdupZwsH/3rGfomiDCHcA3RWXB+y1zC:EVLuIvdXAG3cZDbQhWXcyxoDG0k+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5896b260e63a8158e24f9cb809e56a90

Files

5896b260e63a8158e24f9cb809e56a90
.exe windows:4 windows x86 arch:x86

15ea5e7594f976829e145b9a5ae92b7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

version

VerQueryValueA

gdi32

UnrealizeObject

comctl32

ImageList_SetIconSize

wsock32

WSACleanup

Sections

CODE
Size: 252KB - Virtual size: 704KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE