5a527c0f9dbdefb49dd1954a96f68ac8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a527c0f9dbdefb49dd1954a96f68ac8
Size

84KB
MD5

5a527c0f9dbdefb49dd1954a96f68ac8
SHA1

307b85673e5a36a0e02c5bf252bba5b0fc7001d7
SHA256

37cf35454a27cabe7e1c4fcd4834f7b541986913191fa8d68b372fab4e1c2e9a
SHA512

dee71ac95957ee583e116bcf28dfb252c92f35be2179d55f4b67f5a59e63ffb557393e836d2a05ec097681cb83f2b9905f170ecaa036608eae7b26b1a3d4390c
SSDEEP

1536:vtJu8zgyMBwEgvARQq4HFCbSBRwuyVW6pyY/tL2MnQ+fiDZx4D:F3gyYVQ/HouL6pF16M9idx4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a527c0f9dbdefb49dd1954a96f68ac8

Files

5a527c0f9dbdefb49dd1954a96f68ac8
.exe windows:4 windows x86 arch:x86

5c4674338d65ced45c5016f2fcebbe35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualAlloc
CloseHandle
WaitForSingleObjectEx
SetWaitableTimer
CreateEventA
CancelWaitableTimer
LocalAlloc
GetTickCount
VirtualQuery
CreateThread
SetEvent
SuspendThread
VirtualProtect
CreateWaitableTimerA
ResetEvent

user32

CreateDialogParamA
RegisterClassA
GetSystemMetrics
PostMessageA
GetClassInfoExA
FindWindowA
wsprintfA

comdlg32

PrintDlgExA
PrintDlgA
ChooseFontA
GetSaveFileNameA
GetFileTitleA

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ