657b8252a5900240e3d0962bcb6114a3 | Triage

Sharing

General

Target

657b8252a5900240e3d0962bcb6114a3
Size

350KB
MD5

657b8252a5900240e3d0962bcb6114a3
SHA1

97d3be03d8f73e4be9729af9d7f650c52074ee1e
SHA256

0a08f079172ce58f33eda867d5fc8fe6259a23ba66633c9300d1e4c14701d358
SHA512

6a7f923912375cb95673d0e4be8285dfa71d9cc7fc7e207c314db51e1034ba47792c09ce3decc32ef00322e019cba54e3ef5aced2a3d3b45f0d97bbfb8e9ef81
SSDEEP

6144:VEFMFnW+TyiFL7yaBhu4QMaUu6wBN45Iwk6MTX+71f1tscX+ay:VEFMFnhXFLGWgMaUlC45I0Eu71/by

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
657b8252a5900240e3d0962bcb6114a3

Files

657b8252a5900240e3d0962bcb6114a3
.exe .ps1 windows:4 windows x86 arch:x86 polyglot

65b6862e9898b195f4ef7a1685fd82dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
GetProcAddress

msvcrt

memset

comctl32

InitCommonControls

user32

MessageBoxA

shell32

ShellExecuteExA

ole32

CoInitialize

Sections

.
Size: 7KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.
Size: 1024B - Virtual size: 700B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE