Static task
static1
Behavioral task
behavioral1
Sample
5c1e8118c751744f5e943efda57870f7.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5c1e8118c751744f5e943efda57870f7.exe
Resource
win10v2004-20231215-en
General
Target
5c1e8118c751744f5e943efda57870f7
Size
52KB
MD5
5c1e8118c751744f5e943efda57870f7
SHA1
cf7edfe1f33853e9d0ac15325480c5d39f31fb6e
SHA256
832c5ab5ea81dc2fbb893ddb413d090f9218a269edc596d8a06b8ee1ad4ceb6e
SHA512
df48190c5b87a3b5fc8ca3fd79a98f804a1ec100e72e2bb6c31d834f8050b6ec0c9aed2bd77e41c27d5cabc21859b995af330855746ed98cbc2868029a1a2370
SSDEEP
1536:FMDtY8O4UlZrpdyTDrHn/4JoOTbxTegFU74drkx:SY8Od7rpgTH/4JnTbxCqXd
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5c1e8118c751744f5e943efda57870f7
Files
5c1e8118c751744f5e943efda57870f7.exe windows:4 windows x86 arch:x86
db0156b9ca654338aad0a00bca827be1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CreateTapePartition
ExitProcess
GetCalendarInfoW
GetConsoleCP
GetNamedPipeHandleStateA
ReadConsoleOutputAttribute
SetCommState
SetThreadPriority
UTUnRegister
VirtualQuery
_llseek
advapi32
CryptExportKey
CryptVerifySignatureW
GetUserNameW
LookupAccountNameW
ObjectCloseAuditAlarmW
RegEnumValueA
RegLoadKeyA
user32
DrawIconEx
DrawTextExA
LoadIconA
LoadKeyboardLayoutA
LoadStringA
OpenWindowStationA
ReleaseDC
ScrollWindowEx
SetFocus
SetPropW
SubtractRect
SystemParametersInfoW
VkKeyScanExW
wvsprintfA
shell32
DllGetVersion
DragQueryFileA
SHBrowseForFolder
SHGetNewLinkInfo
SHUpdateRecycleBinIcon
SheChangeDirA
SheFullPathA
SheGetCurDrive
Shell_NotifyIconA
Shell_NotifyIconW
Sections
.text Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 49KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE