5d40fb7f66c7329a24b837dfefc91c64cb26ce9451b577ff1c0b3c1aec9071de | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d40fb7f66c7329a24b837dfefc91c64cb26ce9451b577ff1c0b3c1aec9071de
Size

101KB
MD5

bede88a38cc7083d3b83f74262c55eca
SHA1

630b6ac2b7b6280097dedb0e55bb97f80563fa1f
SHA256

5d40fb7f66c7329a24b837dfefc91c64cb26ce9451b577ff1c0b3c1aec9071de
SHA512

55ff3a2c5a94cb88dd1ec0feb59c234e24da910f3a28007a27e21ef8362f32d39bbb7cc26180fe61436dcb340069fcaae50953ccde676adf04cdd5e9c2723967
SSDEEP

1536:NB+FC9RntfWeoGiPyCHjKDjfQQQtUetDdlNoJL0BrwVdi:NB+F8tfPN4yCDKDjfQQQtF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d40fb7f66c7329a24b837dfefc91c64cb26ce9451b577ff1c0b3c1aec9071de

Files

5d40fb7f66c7329a24b837dfefc91c64cb26ce9451b577ff1c0b3c1aec9071de
.exe windows:1 windows x86 arch:x86

17a4bd9c95f2898add97f309fc6f9bcd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetProcAddress
LoadLibraryA
ExitProcess

Sections

.bss
Size: - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.NewSec
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE