5d5acf768249e3beb065977b66901b93fd8168d979d06[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d5acf768249e3beb065977b66901b93fd8168d979d06.exe
Size

10.4MB
MD5

7d0cb7f2ab53892268c6a9c6af16a47f
SHA1

50c84105b19d98e3f2d0ef5e34e93a28d9f4f7bb
SHA256

5d5acf768249e3beb065977b66901b93fd8168d979d06031a8c3b53a9d216eb7
SHA512

d455a9967a33fdd74ba05d11b8825f3ca32dd1555ed677352f803201359f333643df92963084d96178b07e6a995453c4e736e7c7baff1055e23ecd30d68a97d0
SSDEEP

196608:8nWW4thH6FHEUSPAYOX63fM7Y3I4VmxUdoepFrTm1dtSoQN8SSi:8UKkUSzS63fa8DD2Wrq1rS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d5acf768249e3beb065977b66901b93fd8168d979d06.exe

Files

5d5acf768249e3beb065977b66901b93fd8168d979d06.exe
.exe windows:6 windows x86 arch:x86

f22c63c9bb1b3f26702cb2142af3e756

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

InternetOpenW

kernel32

SetFilePointerEx
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
ExitProcess
LoadLibraryA
GetModuleHandleA
GetProcAddress

user32

ShowWindow

advapi32

RegCreateKeyExA

shell32

ShellExecuteA

Sections

.text
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls0
Size: - Virtual size: 5.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls1
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls2
Size: 10.3MB - Virtual size: 10.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ