5b4ef4e084281c2a55bf2c56f7f50ce9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b4ef4e084281c2a55bf2c56f7f50ce9
Size

717KB
MD5

5b4ef4e084281c2a55bf2c56f7f50ce9
SHA1

a215325cc6b1c76a46ff3b08af34f51117d983a0
SHA256

8eee01b6263e2b876bd8817257fafe57504113b3e61012ded9903438aa1ebe3d
SHA512

58b79fb70878a001e56d670a69d518839717c0d4db6a0a29a21de4f144b2e5bc1444f8af7a4555302ebba8beedc8bf7dadcfcb29e89cf3e8eefedd6d996376b4
SSDEEP

12288:pOa1Z+qy4PhuBWAm1KL1aFZZWBnmdEEG2dh8qSNxkqJQFbxI+C5z1/ScJL:pOMciPwMBFZwn9Efh8BLkkQFK+y

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b4ef4e084281c2a55bf2c56f7f50ce9

Files

5b4ef4e084281c2a55bf2c56f7f50ce9
.exe windows:4 windows x86 arch:x86

2d92d8cdbacc0015541afdc0e02d3c22

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
FindAtomA
HeapReAlloc
GetConsoleCP
CreateThread
GetACP
LoadLibraryW
TlsFree
WriteConsoleA
lstrlenA
CompareFileTime
GetAtomNameA
GetModuleHandleA
CloseHandle
ExitProcess
VirtualProtect
InterlockedExchange
GetVersion
PulseEvent
GlobalUnlock
SetEvent

user32

DialogBoxParamA
SetWindowPos
GetMenu
MessageBoxA
GetWindowLongA
EqualRect
SetSysColors
UpdateWindow
GetKeyboardLayout
LoadIconA
InsertMenuA
ModifyMenuA
PostMessageA
DispatchMessageA
GetDlgItem
DestroyMenu
ScrollDC
InflateRect
GetSubMenu
GetWindowTextA
TranslateMessage
PostQuitMessage
SetPropA
GetParent
CopyRect
ShowWindow
GetMenuStringA
EnableScrollBar
GetScrollRange

shlwapi

UrlCombineA
UrlHashA
StrToIntA
StrTrimA
StrToIntExA

version

GetFileVersionInfoA

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ