b5818a60bcc97edfe91e7c060a912546 | Triage

Sharing

General

Target

b5818a60bcc97edfe91e7c060a912546
Size

959KB
MD5

b5818a60bcc97edfe91e7c060a912546
SHA1

3e0b6edc210046f2f4e84d1857948f16ba88a167
SHA256

e64066d91821b65eb73fa1f39431f26a55795304fe5f654425c58c9b0c793c13
SHA512

eeaf77367305d3d440cbb6fbd564099e486cd0d4902129ab8479d42d4c34682719403421a89a766f238ddf86fef67b46b5715416e9daa58a033bbde8eef71278
SSDEEP

12288:kiJNOpVxc1F+Q7mSPwhjiRN0ibbi11Fj2aB0u0qwhtp8MCrccGhfDuQwR98rthw6:BmGF+XPS0EA2QfKrHhCTv8ZGsG60pr4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5818a60bcc97edfe91e7c060a912546

Files

b5818a60bcc97edfe91e7c060a912546
.exe windows:4 windows x86 arch:x86

5ea360500646e854e4dc2ade71d2fae5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

mini_installer_patch_3stage.pdb

Imports

shell32

CommandLineToArgvW

shlwapi

StrStrW

kernel32

CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessW
CopyFileW
lstrcmpiW
DeleteFileW
GetLastError
EnumResourceNamesW
LocalFree
lstrcatW
lstrlenW
GetModuleFileNameW
RemoveDirectoryW
CreateDirectoryW
GetLongPathNameW
GetTempFileNameW
GetTempPathW
ExitProcess
GetModuleHandleW
FindResourceW
SizeofResource
WriteFile
CreateFileW
LockResource
LoadResource
GetCommandLineW

advapi32

RegSetValueExW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ