5b6bd562fd50949613b65529b5f2301a | Triage

Sharing

General

Target

5b6bd562fd50949613b65529b5f2301a
Size

340KB
MD5

5b6bd562fd50949613b65529b5f2301a
SHA1

1e6132edf2f9244ada3da555ff384ec8006a94cd
SHA256

448b9fbccfb15ac770075478fd0b53ce9d092ac521f6fe257ea2a92b057f3886
SHA512

0b4b28fb3ed9abd40fe9881c0a1e328596dfd28efd275e6f8dd74585c43f5eb23b19f3c8efa08fd0a269372dc3c6fa7aa6c6413bc0a8761a350b3a7252af7deb
SSDEEP

6144:0pcx0ixVsJNQjhffIEb2uzH6JDtKGd5BME4ezqCtQyEV/iVL8azN8dxx7s:0upxiJNQ9ffn2kYtXpVKyEV/iVL/yK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/SOH CSS v1.3/SOH CSS.exe

Files

5b6bd562fd50949613b65529b5f2301a
.rar
SOH CSS v1.3/Read File.txt
SOH CSS v1.3/SOH CSS.exe
.exe windows:5 windows x86 arch:x86

7f86b38549c228350b593246df555ee0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

user32

EndPaint

gdi32

BitBlt

winmm

timeGetTime

msvcr90

rand

Sections

.MPRESS1
Size: 322KB - Virtual size: 1.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MPRESS2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE