Static task: static1
Behavioral task: behavioral1
Sample: d5f0fcb5e2e51b94319d1e2fdb045b36.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: d5f0fcb5e2e51b94319d1e2fdb045b36.exe
Resource: win10v2004-20240226-en
General
Target: d5f0fcb5e2e51b94319d1e2fdb045b36
Size: 16KB
MD5: d5f0fcb5e2e51b94319d1e2fdb045b36
SHA1: 6b298364557c0ea3f1864135dc2e8762bf3f4408
SHA256: 2dbc148138b1a45be267b75bf355ff9636cf57f0e34941771a0a44157a132bf4
SHA512: befa733c89d1dfd074cc6ba10ba9d4e7de3676559776f4efc6f764efa33c8b10b538cf6019c81a4989ed30fa1a28e1acd7006392254345715c8c60ab69d1f20a
SSDEEP: 192:Axd/nKEIgMpEGH3xYm8c+z1aQfTTcwM5XfuPKlBg0AGas8Q:Gd/nKEI1bX+m8NpaQfTTbM5XWClBJh
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d5f0fcb5e2e51b94319d1e2fdb045b36
Files
d5f0fcb5e2e51b94319d1e2fdb045b36.exe windows:4 windows x86 arch:x86
d64c076d38f7a93fa07dde2879f103c5
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
shlwapi
SHSetValueA
SHGetValueA
SHDeleteValueA
PathFileExistsA
kernel32
FreeLibrary
GetProcessHeap
HeapAlloc
GetCommandLineA
CloseHandle
WriteFile
SizeofResource
CreateFileA
LockResource
LoadResource
FindResourceA
DeleteFileA
WaitForSingleObject
CreateProcessA
GetSystemDirectoryA
Sleep
GetStartupInfoA
GetProcAddress
LoadLibraryA
SetFileAttributesA
GetModuleFileNameA
GetTickCount
SetErrorMode
ExitProcess
GetModuleHandleA
user32
wvsprintfA
ole32
CoInitialize
Sections
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE