Static task: static1
Behavioral task: behavioral1
  Sample: b5aa519d6573311e635dad490f7c366c.exe
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: b5aa519d6573311e635dad490f7c366c.exe
  Resource: win10v2004-20240226-en
General
  Target: b5aa519d6573311e635dad490f7c366c
  Size: 775KB
  MD5: b5aa519d6573311e635dad490f7c366c
  SHA1: e4ef1f239a32632d7c7b162cbc20b92502216c54
  SHA256: 468cd691887631b48280854adf09a07bfdc5dbe0eb44054fbd916c84c949e0a4
  SHA512: 9cd0314208fe06b2fc85f6ec44c3bf06fa5194f18e6cad6ed204989b054dd94207b2b5c28ca057eafcd347724acfb387742a340e0df013f16e3e4c441e89131a
  SSDEEP: 12288:WzdgimhBRDnPnJ/u7jvLJ/yROiR+6+KRwKNI/FDYA3/45pib6ambCiPZKiJ5cCe:C7mhBJPs1/KCAI/FDYAw5pib9mueKIcd
Malware Config
Signatures
  Unsigned PE (1 IoCs)
    Checks for missing Authenticode signature.
    resource: b5aa519d6573311e635dad490f7c366c
Files
b5aa519d6573311e635dad490f7c366c.exe windows:4 windows x86 arch:x86
7fdcb1d793e7dbe4afc407205dde0d8a
Headers
  File Characteristics
    IMAGE_FILE_RELOCS_STRIPPED
    IMAGE_FILE_EXECUTABLE_IMAGE
    IMAGE_FILE_LINE_NUMS_STRIPPED
    IMAGE_FILE_LOCAL_SYMS_STRIPPED
    IMAGE_FILE_32BIT_MACHINE
Imports
  kernel32
    SetLastError
    lstrlenA
    FindResourceW
    TlsGetValue
    UnmapViewOfFile
    CloseHandle
    GetComputerNameA
    CreateFileW
    GlobalUnlock
    HeapCreate
    PulseEvent
    GetModuleHandleA
    GetCommandLineA
    Sleep
    GlobalFree
    LoadLibraryExW
    GetCurrentThreadId
    lstrcpyA
    CreateProcessA
    GetEnvironmentVariableA
  user32
    IsWindow
    CreateIcon
    DrawMenuBar
    FillRect
    DrawEdge
    SetFocus
    CallWindowProcA
    DispatchMessageA
    GetDC
    GetCaretPos
    GetDlgItem
    CreateWindowExA
    CheckRadioButton
  rsaenh
    CPDecrypt
    CPDeriveKey
    CPHashData
    CPSignHash
    CPGenKey
  msasn1
    ASN1BERDecEoid
Sections
  .text Size: 7KB - Virtual size: 6KB
    IMAGE_SCN_CNT_CODE
    IMAGE_SCN_MEM_EXECUTE
    IMAGE_SCN_MEM_READ
  .rdata Size: 1KB - Virtual size: 1.5MB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE
  .data Size: 765KB - Virtual size: 768KB
    IMAGE_SCN_CNT_INITIALIZED_DATA
    IMAGE_SCN_MEM_READ
    IMAGE_SCN_MEM_WRITE