5a99c8c363b92dc29505ba458c8d81f3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a99c8c363b92dc29505ba458c8d81f3
Size

6KB
MD5

5a99c8c363b92dc29505ba458c8d81f3
SHA1

a8b57d3e3365d5074cf825d80725423acaf4d818
SHA256

1e574ed3eb029ae0d56733343e30bf063019b46d7605bf300f5f2fc41d05a764
SHA512

273cefbf88588072f14ba2c672a95ef3ea60f9f36393edd42c932e5500f75f89bb3926d40d136edcdf78bc4bac6492ce28990a7abb07abcf55b377f0ab4c94e2
SSDEEP

96:Sokj0G8ZqEJ1h+7zWPKuhVsYxHRTu1+wy5Wj:SiNZJbfPKu0IHRTnTWj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a99c8c363b92dc29505ba458c8d81f3

Files

5a99c8c363b92dc29505ba458c8d81f3
.exe .js windows:4 windows x86 arch:x86 polyglot

91d1d5538accc35aac1940fab1e1b572

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
ReadFile
SetFilePointer
GetFileInformationByHandle
CreateFileA
GetShortPathNameA
GetModuleFileNameA
CreateProcessA
lstrcatA
GetStartupInfoA
FindFirstFileA
FreeLibrary
GetProcAddress
LoadLibraryA
MoveFileExA
WriteFile
lstrlenA
GetTempFileNameA
CreateDirectoryA
Sleep
lstrcmpiA
DeleteFileA
GetFileSize
GetSystemDirectoryA
GetTempPathA
GetLastError
CreateMutexA

user32

wsprintfA

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 336B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ