c587efc5c2a4cb19e77b2f5d96427a5b | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c587efc5c2a4cb19e77b2f5d96427a5b
Size

112KB
MD5

c587efc5c2a4cb19e77b2f5d96427a5b
SHA1

8162a6e27b3b22a5596f4ba74c25242cac7e8b2a
SHA256

8d3cdecff4b9f53b4724c95a5cd8e921724b83afdd7c607fc80c54c8d7561f07
SHA512

b3dda839ebf2bdaf7819a0e2275faf59201b4a19881e31e4b042c8129bd904fd6bd63c0aaf78081b28678bf7f9e86f7c596636ccecac61392ca042183912449c
SSDEEP

1536:MIxtjtpdgubldofwWONvBAHdtlrhmDVlB9/nzqeQ2+X1/rE8cdBT:xnJbWGa97hi9Q92K/cP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c587efc5c2a4cb19e77b2f5d96427a5b

Files

c587efc5c2a4cb19e77b2f5d96427a5b
.exe windows:4 windows x86 arch:x86

d4ff4e9520d2b9d618be12fecec0c0ac

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcatA
LoadResource
SizeofResource
FindResourceA
CloseHandle
WriteFile
CreateFileA
GetTempFileNameA
DeleteFileA
Sleep
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
LockResource
lstrcpyA
GetCommandLineA
FreeLibrary
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetModuleFileNameA

lz32

LZCopy
LZOpenFileA
LZClose

user32

MessageBoxA

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 109KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ