5c35600bbe9d3d7cc2d82040922eec54 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c35600bbe9d3d7cc2d82040922eec54
Size

29KB
MD5

5c35600bbe9d3d7cc2d82040922eec54
SHA1

92ed8a1c41c53d61889b85d1f0f8e7102e1cb0f5
SHA256

4c353ffe27923a9b319d17446705f4ef6db0f71acd1663bdfcf4fc898a914298
SHA512

760a4cb5bce972686230ae34a0bfa93e275a506ab8603f17b8069c357e4a823460223e29af98cbdeee8125baa5b8326bae308a682c471c54f3a372402dbb7391
SSDEEP

192:NutIpasgFpidowK7Mjh/aeZwfe/0uYgIcp9P:NBpLWdwxifEYgIM9P

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c35600bbe9d3d7cc2d82040922eec54

Files

5c35600bbe9d3d7cc2d82040922eec54
.exe windows:4 windows x86 arch:x86

10be2c80d689f5fbe5f2889e952a4669

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
CreateFileA
HeapFree
GetProcessHeap
HeapAlloc
WaitForSingleObject
Sleep
CloseHandle
DeleteFileA
ExitThread
GetLastError
GetModuleFileNameA
lstrlenA
lstrcmpA
WaitForMultipleObjects
ResetEvent
CreateThread
SetEvent
CreateEventA
CreateProcessA
WriteFile
GetSystemDirectoryA
SizeofResource
LoadResource
FindResourceA
lstrcpyA
Process32Next
Process32First
CreateToolhelp32Snapshot
CompareStringA

user32

ShowWindowAsync
GetWindow
wsprintfA

advapi32

RegSetValueExA
RegNotifyChangeKeyValue
RegOpenKeyA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA

ole32

OleUninitialize
OleInitialize

Sections

.text
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 752B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ