Static task: static1
Behavioral task: behavioral1
Sample: c5830204dad7104484fd8899136d1687.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: c5830204dad7104484fd8899136d1687.exe
Resource: win10v2004-20240226-en
General
Target: c5830204dad7104484fd8899136d1687
Size: 14KB
MD5: c5830204dad7104484fd8899136d1687
SHA1: 9b3428d21de707138d70aba71d0adc83ea3922a4
SHA256: 6457ab3759f6f3efef9d204768216365aa284ee4173e3c28a67aeb8f3a4f57c9
SHA512: 7337bc0556b26b60ac3b912273358ae39e3e8fdcbaebec4849d2c08585dbaa9e97bee3d0743d897daff0eda9e72234458dee415082ec334fabe3edd15592441e
SSDEEP: 192:d5ApctHf5ShLIh8+YfHa+EaJXbPDB/Rvei0vKh1Ucxiq+xjsLIju5EL8MKnNK:LApctRShLIadflB6vKhCcxBYgEL8MK
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c5830204dad7104484fd8899136d1687
Files
c5830204dad7104484fd8899136d1687.exe windows:4 windows x86 arch:x86
c90310e758b934252466d074d7fb6113
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetModuleHandleA
FreeLibrary
GetFileAttributesA
CloseHandle
CreateEventA
SetFilePointer
GetProcAddress
lstrlenA
GetModuleFileNameA
PulseEvent
LoadLibraryA
ExitProcess
ReadFile
lstrcpyA
CreateFileA
WaitForSingleObject
SetEvent
WriteFile
ExitThread
GetVersionExA
CreateThread
GetTempPathA
lstrcatA
user32
wsprintfA
DispatchMessageA
SetThreadDesktop
ShowWindow
PeekMessageA
CreateWindowExA
TranslateMessage
CreateDesktopA
MsgWaitForMultipleObjects
DestroyWindow
CharToOemA
GetDesktopWindow
advapi32
RegCloseKey
Sections
.rdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ