b5b8836087aee14279434851e9944533 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5b8836087aee14279434851e9944533
Size

2.1MB
MD5

b5b8836087aee14279434851e9944533
SHA1

34fc1dd9330246fce6abb608365c146d98a5695a
SHA256

d47a9c8242722c0bb86185d4913aad73b90e84cf94c845ed4612296fe62fe064
SHA512

4fe61bea303730d6625a6d1d95c94d3841384b77b7341114e1721fc54c8b4d4894d70903651282df93504190ab783f1debcff0730918ee102b8a9ec1a6dbb2c3
SSDEEP

49152:0XL/FZ6Jd2wPFDApDdZA1SEdb5tXB2Nb1lvKY:0X7FZ6f2sspCSEZwVnn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5b8836087aee14279434851e9944533

Files

b5b8836087aee14279434851e9944533
.exe windows:4 windows x86 arch:x86

f9b1e4da7836b3982c5b5e9bec1fbc96

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
ReadConsoleA
SetConsoleCP
ExitProcess
GetNumberOfConsoleInputEvents
Heap32ListFirst
GetLastError

advapi32

RegOpenCurrentUser

Sections

CODE
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

54gvojba
Size: - Virtual size: 2.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.import
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ