b5911456e6beac437dd74778586644c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b5911456e6beac437dd74778586644c2
Size

636KB
MD5

b5911456e6beac437dd74778586644c2
SHA1

e5fa592dd983e17008967c19c88dec8cfa302b40
SHA256

21989c2df7b58b73e1b3a0aa37229eab949a8719096d14ce3faaf0fe3abe380e
SHA512

df6b751cbd51e485fe8c85849bb8280dd9e1f4430432df3a36fc132aaa700890f96408700625a7240e4194aca8a67e5b3c72f95a0fd0c416e9abdccdcdf6c80f
SSDEEP

12288:NkxkB3WHQjD4JIVhFpDT0o63+wiaAslHUX5DeBEhpe6VGb5+cSABkz6:NRUwD4JSFpJ6OwiaXHUqEhQDbETABk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5911456e6beac437dd74778586644c2

Files

b5911456e6beac437dd74778586644c2
.exe windows:4 windows x86 arch:x86

64e6df6844606df06724fe84dd75f3dd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetStdHandle
SetConsoleCP
GetCommandLineA
HeapReAlloc
WaitForSingleObject
GetSystemDefaultLangID
GetModuleHandleA
GlobalUnlock
InterlockedExchange
VirtualProtect
GetVersion
lstrlenA
CompareFileTime
SuspendThread
GetTickCount
GetAtomNameA
LoadLibraryExA
CloseHandle
HeapCreate
GetConsoleCP
WaitForMultipleObjects

user32

DestroyMenu
InsertMenuA
InvertRect
CreateIcon
SetWindowPos
DrawCaption
FillRect
SetPropA
GetKeyboardLayout
GetCursorInfo
EnableScrollBar
GetDlgItem
DialogBoxParamA
DragObject
DispatchMessageA
CreateMenu
GetKeyState
CreateCursor
SetScrollInfo
IsDialogMessage
FindWindowA
CopyImage

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA

uxtheme

GetThemeColor

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 1.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ