87e3ab53d71fee3396716d79ee3685bc | Triage

Sharing

Copy URL Twitter E-mail

General

Target

87e3ab53d71fee3396716d79ee3685bc
Size

48KB
MD5

87e3ab53d71fee3396716d79ee3685bc
SHA1

8a1cef3fc3b7a2bbd4a3651da6d22cc7890a625f
SHA256

8eec074a0b401f76a152d465109567e9e0930d34fdc9d067ffd711b85be5fdd0
SHA512

bc77979ad846d1a4becde4ba2b75dcc56c2d844f9dfe4c8f49739296efacc438f79fefafeada86ec3650ee3840b52a42a539d5ca74c66358a7c03ef94047d151
SSDEEP

1536:oI8ApNZYqAPn502nhiJ6PYcX6aAjCwUQU3dlLI:f8RqARzfAcKaaFUQU3de

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87e3ab53d71fee3396716d79ee3685bc

Files

87e3ab53d71fee3396716d79ee3685bc
.exe windows:4 windows x86 arch:x86

cf7579ad438428f2763df66909ada183

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SetFocus
SendDlgItemMessageA
EnumDesktopsA
EndDialog
DialogBoxParamA

kernel32

VirtualProtect
Sleep
RtlZeroMemory
CreateThread
ExitProcess
GetLastError
GetModuleHandleA
LoadLibraryA

comctl32

InitCommonControlsEx

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 484B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 44B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE