5a8d6c259d2317aba94d6e9a6c083042 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a8d6c259d2317aba94d6e9a6c083042
Size

75KB
MD5

5a8d6c259d2317aba94d6e9a6c083042
SHA1

7f9d1610053db8ad1baa78ca69b8f42e6a7ad6b2
SHA256

09d615ad060e1267ca140e1baad74e15d62aea01d4e440ffe96eccc98aec3951
SHA512

da33bfce7485eda491184a31e9a90142815ce2f6c245f02553488e895a031bb931657680f4ac0c9991aaeee4092d0cad7759de40d65fa3a6d047a761f24feded
SSDEEP

1536:jubA5Q3np5rONpYelAqy2ZMKbnSyA6OVMk5Ty1As3vM/bEw3BWF17xwhHKnLB8NQ:YfttL30F11whqnNz/OB/q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a8d6c259d2317aba94d6e9a6c083042

Files

5a8d6c259d2317aba94d6e9a6c083042
.exe windows:5 windows x86 arch:x86

9ec234841d49162660dbec4a7483afff

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

MapViewOfFile
CloseHandle
WaitForSingleObject
GetFileAttributesA
GetModuleHandleA
GlobalLock
ReadFile
GetFileTime
GetTickCount
SetLastError
GetCommandLineW
ExitProcess
SetFileAttributesW
HeapCreate
GetCurrentDirectoryW
HeapFree
SetLastError
Sleep
EnterCriticalSection
GetFileType
GetDriveTypeA
GetEnvironmentVariableW
IsBadReadPtr
LocalSize
SuspendThread

uxtheme

CloseThemeData
GetThemeColor
CloseThemeData
GetWindowTheme
GetThemeTextExtent
GetThemeBool
GetThemeEnumValue
DrawThemeBackground
DrawThemeEdge
SetWindowTheme
OpenThemeData
GetThemeTextMetrics
IsThemeActive

dbnmpntw

ConnectionVer
ConnectionVer
ConnectionVer
ConnectionVer

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 10B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE