5c5559c5127931c7f32d869562e117f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5c5559c5127931c7f32d869562e117f8
Size

49KB
MD5

5c5559c5127931c7f32d869562e117f8
SHA1

35d880068db673e108c7700446fbf0d59fb6c773
SHA256

d5b578ef6a22733ce5b09eb3999c612ce8211d761ddf60f0fd0f4fef916340ba
SHA512

6239295e7bd983a97a2b9713170960e6414ecdd62ea19ffe3d50de0fca974e140e5a408b74730b92c068ccc8492505bc7f67be942e3d1096e2658698e60c7714
SSDEEP

768:4G6JM1Dk10dxkc6H+LCCGL7elZIrrIbXT/9SezAweSld3iqGXH5ifHf:4T0k1ykjeLCC8rUTl+03iqGp2f

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5c5559c5127931c7f32d869562e117f8

Files

5c5559c5127931c7f32d869562e117f8
.exe windows:4 windows x86 arch:x86

4da702f9b1d5061c0421b91bbacedc65

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

LoadLibraryA
GetProcAddress
VirtualAlloc
VirtualFree

user32

GetKeyboardType

advapi32

RegQueryValueExA

oleaut32

SysFreeString

shell32

ShellExecuteA

urlmon

URLDownloadToFileA

Sections

CODE
Size: 34KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE