c5e48ac523cbe13633664ef613176906 | Triage

Sharing

General

Target

c5e48ac523cbe13633664ef613176906
Size

191KB
MD5

c5e48ac523cbe13633664ef613176906
SHA1

d1c3414e1f91758dafc1697e1de16a59865fc8f1
SHA256

e7114d0505cea4c57329fbc1b211ab7e64e5b91f156edd8398823782c34eb894
SHA512

e8fd0fee9ffc53cee9d7e63b005cbb2caaea476ac2cb6bdc730b6b32403de737e3c635010302059972cabd547730ed01cb095df1b3156c3945a616b7dd1c94e4
SSDEEP

3072:rMcnfqgai23+kykTwDwRp/uo8pmyFxiIsNC+ThE3qseZk/r2YXnkyIevK8OPw0GU:xfY+kykMDwfSgyF6Jc+aKukOKE0GnU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c5e48ac523cbe13633664ef613176906

Files

c5e48ac523cbe13633664ef613176906
.exe windows:4 windows x86 arch:x86

c40103f3e759961361cb3b60c94d6f2e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersion
lstrlenA
CloseHandle
InterlockedExchange
SuspendThread
WaitForSingleObject
WaitForMultipleObjects
LoadLibraryExA
HeapReAlloc
GetSystemDefaultLangID
GetConsoleDisplayMode
GetAtomNameA
HeapCreate
GlobalUnlock
VirtualProtect
LocalSize
CompareFileTime
GetModuleHandleA
GetCommandLineA
GetTickCount
GetConsoleCP

gdi32

BeginPath
GetFontData
EngLineTo
GetStringBitmapA
EndPath
CreateICA
GetMetaRgn
CreatePalette
Escape
DeleteObject
EqualRgn
GetTextColor
DeleteDC
FloodFill
GetRgnBox
AbortPath
GetMetaFileA
Ellipse
CreateFontA

rastapi

DeviceConnect
DeviceDone
PortClose
AddPorts
DeviceListen

dhcpsapi

DhcpAddServer

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 792KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ