b5451198e148dd29d8f53c8264c7476d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5451198e148dd29d8f53c8264c7476d
Size

58KB
MD5

b5451198e148dd29d8f53c8264c7476d
SHA1

e65db70f8a9d6fe425fb13efbac54b318eeb773a
SHA256

46d39dabbfd775008dd8fb742076717aaa6b554d8d566dd0887c408199f7cde4
SHA512

65ac0f09ee5f9af95851130805f909fea09f353b58f152aac31eaf39d2275480f39153e596fa5cb1be6f3f57e8096fc4b127f880110976fc221ef8f9620da80b
SSDEEP

768:jEZiUzAr4rS6heyY1soCG417E62w7YHCzeE3jK22Irdwq4Su:jYi4uSS6MyYuoq1o62w7YizZjNF2q4S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5451198e148dd29d8f53c8264c7476d

Files

b5451198e148dd29d8f53c8264c7476d
.exe windows:4 windows x86 arch:x86

c667f919d3610c13d56d2b0cdb9aa26e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
CreateFileW
CreateMutexA
ReleaseMutex
UnmapViewOfFile
HeapCreate
LoadLibraryExA
lstrlenW
GetProcessHeap
GlobalUnlock
FindResourceW
GetExitCodeProcess
GetEnvironmentVariableA
GetModuleHandleA
GetCurrentThreadId
TlsGetValue
SetLastError
GlobalFree
CloseHandle
lstrcpyA

user32

DrawEdge
GetDC
CheckRadioButton
IsWindow
FillRect
CreateWindowExA
GetCaretPos
SetFocus
GetDlgItem
DrawMenuBar
CreateMenu
DispatchMessageA
CallWindowProcA

rsaenh

CPSignHash
CPHashData
CPDecrypt
CPGenKey
CPDeriveKey

msasn1

ASN1BERDecEoid

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE