5fc8d41672d9ec5b76d6b13ab1a5ddca20493ab94fefc16d28464a91a341fd65 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fc8d41672d9ec5b76d6b13ab1a5ddca20493ab94fefc16d28464a91a341fd65
Size

6.7MB
MD5

f178e7ce0d8a3dc7666400e39560e996
SHA1

fd85a519808d53d72c5234078632729ac9fa4c81
SHA256

5fc8d41672d9ec5b76d6b13ab1a5ddca20493ab94fefc16d28464a91a341fd65
SHA512

24fcb5631fa3d9eaf0bed0a503555f30ccfc99d76b5c5047c1cdfa6228fb604e35fe44bb5e8c73bdb39c089dbb87e4466fabb0977c67811848f3b0b6d9ebd7f8
SSDEEP

196608:bfjA574vktCnA7nvTBHHobm+7Ja7rHGFXFvKC:f+4MwnmvNnoCmFpKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fc8d41672d9ec5b76d6b13ab1a5ddca20493ab94fefc16d28464a91a341fd65

Files

5fc8d41672d9ec5b76d6b13ab1a5ddca20493ab94fefc16d28464a91a341fd65
.exe windows:4 windows x86 arch:x86

0ff527a561c1c41022fb9b3266c7112e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA
VirtualProtect
GetProcAddress
HeapCreate
HeapDestroy
HeapFree
HeapAlloc
RtlUnwind
CloseHandle
LCMapStringA
CreateFileA
ExitProcess
GetCurrentProcess
LoadLibraryA

user32

CharLowerBuffA
wsprintfA
CloseWindow
SetWindowLongA
CreateWindowExA

advapi32

RegEnumKeyA
RegDeleteValueA
RegSetValueA
RegQueryValueA
RegEnumValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegOpenKeyA

Sections

.text
Size: 4KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ