e044540d8237610850c65ee0729504b1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e044540d8237610850c65ee0729504b1
Size

89KB
MD5

e044540d8237610850c65ee0729504b1
SHA1

3d76f07215d3852dcb52b41ba31fb2f253efc3b1
SHA256

55adcd6f374791fe93c3cfb3c48becb9da2b767d6ff355db2ad93f968d963ba9
SHA512

fa52b92849b5b25722059afe3744a2a6b46e0ccd66120ca9b225c572e3608c84112fb490e13630ae2f93f9c9c29e79bb5708413a18eb3c61b61c26ab5b13d7e1
SSDEEP

768:U5YXLn2q8f+Rd4BDMVAaAF8tXID8wx8z+xSSJqM+fHfB68c8giIUq0YM7X:U5Y70NhFSYfsUnof/s8X3q0d7X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e044540d8237610850c65ee0729504b1

Files

e044540d8237610850c65ee0729504b1
.exe windows:4 windows x86 arch:x86

ff967ae5056af53c7e0fb22ea72e255e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindVolumeClose
Sleep
ReleaseMutex
TlsGetValue
DeleteCriticalSection
FindClose
GetModuleHandleA
ExitProcess
SetEvent
VirtualProtect
CloseHandle
SearchPathA
GetDiskFreeSpaceA
lstrlenA
CreateThread
FindResourceExA
FindAtomA
GetTickCount
GetCalendarInfoA
GetLastError

user32

CopyImage
CreateWindowExA
DispatchMessageA
GetMessageA
EnableWindow
GetUpdateRect
GetKeyState
DragDetect
GetScrollBarInfo
EndDialog
IsIconic
DialogBoxParamA
CreateMenu
CloseWindow

msdmo

DMOGetName
DMORegister
DMOGetTypes
DMOUnregister
DMOEnum

advapi32

RegCloseKey

Sections

.text
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 522B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE