5bee36b9e85e3d6afd5babf809eb4c9e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bee36b9e85e3d6afd5babf809eb4c9e
Size

34KB
MD5

5bee36b9e85e3d6afd5babf809eb4c9e
SHA1

98b29067af02c7677a43de127453a6b5452e0f8a
SHA256

49d63b913f22f9d8422ef33bc75a02fd6883fc7030adbb04e0dcea0f0b161d45
SHA512

4333793e12d1ea59dc0af1fddb1999ac5d3dc80e3aa5d3c1083d03b983ea2b945cfbd0224ced4bbf4f625ccba3be98982c19e3bc4019e76f7b17d20372bf5cec
SSDEEP

768:I1jGvenBuNM10QQwXGA6UA6zIe2gxuefEYR5LF:I9G700QQcG1d6fcefEsR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5bee36b9e85e3d6afd5babf809eb4c9e

Files

5bee36b9e85e3d6afd5babf809eb4c9e
.dll windows:4 windows x86 arch:x86

3b6e3b0f276cd8981b021d6bbced6749

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

MessageBoxA

kernel32

ExitProcess
GetSystemTimeAsFileTime
CloseHandle
GetStartupInfoA
GetModuleHandleA

advapi32

RegQueryValueA
RegCloseKey
RegOpenKeyExA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ