5b7bb88f47ec4406a445068cbd57bb28 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b7bb88f47ec4406a445068cbd57bb28
Size

55KB
MD5

5b7bb88f47ec4406a445068cbd57bb28
SHA1

61da0fa39c0c5f8ae233a2303fa2ac3126c05a21
SHA256

f36c19e354c8de0939cb81de29c03bf838de486c272b12a3c761f674cd18e98c
SHA512

c46e86ffbaf0f71b790f08401fbdf463e7213cf2eff1d5eaa820104e7cc9544c68c3be562891cd85f12df10f33d2d18db797fbf4e6edaab82460019950dc12b9
SSDEEP

768:Ea2jo4Ib/GyN8ox/WD5ihcqhsYfDpP7q++QsY9TekyrNRC2B0tLz4lqXIFNif:E0L/R8jDwzr59T0DpB0tLzaqYFC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b7bb88f47ec4406a445068cbd57bb28

Files

5b7bb88f47ec4406a445068cbd57bb28
.exe windows:4 windows x86 arch:x86

490209c0b766e1dbc68e820a0e87f79c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OpenMutexA
ExitProcess
CreateMutexA
CreateThread
GetCurrentThreadId
GetTickCount
GetModuleHandleA
GetProcAddress
GetSystemDirectoryA
LoadLibraryA
Sleep
CreateFileA
GetStartupInfoA

user32

DispatchMessageA
TranslateMessage
UpdateWindow
ShowWindow
CreateWindowExA
RegisterClassA
LoadIconA
LoadCursorA
MessageBoxA
GetDC
ReleaseDC
BeginPaint
EndPaint
DestroyWindow
PostQuitMessage
DefWindowProcA
GetInputState
PostThreadMessageA
GetMessageA

gdi32

GetStockObject
TextOutA

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

msvcrt

_except_handler3
_controlfp
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
sprintf
_itoa
memset
strtok
malloc
strlen
strcat

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ