57fe038248a91847a6e592b68f9e17d190499f97a46eeb80b12e19ff47461386 | Triage

Sharing

General

Target

57fe038248a91847a6e592b68f9e17d190499f97a46eeb80b12e19ff47461386
Size

60KB
MD5

afe07ac688a83295b38469c196e7e566
SHA1

49e9ddc232c79b44641f1c661d241e2da86db558
SHA256

57fe038248a91847a6e592b68f9e17d190499f97a46eeb80b12e19ff47461386
SHA512

54a09a9421452e45e824b87025b2dc5c4a0440b6b710ea8440dbfa5b0083890552ff837ec8b0b53f02add0ebb14995256695bc48f92e67b2f8d671bb7a70fb0f
SSDEEP

768:NC58QJNgA/VEWqNmiZC8foeSpc6Ny0Vut:AKodVUNmiHxz5gu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
57fe038248a91847a6e592b68f9e17d190499f97a46eeb80b12e19ff47461386

Files

57fe038248a91847a6e592b68f9e17d190499f97a46eeb80b12e19ff47461386
.exe windows:4 windows x86 arch:x86

eb90d42ef57af17fe733af65195be31c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateSemaphoreW
GetEnvironmentVariableA
SearchPathW
GetCurrentDirectoryW
GetLogicalDriveStringsA
FindFirstFileA
GetProcAddress
GetDateFormatA
InitializeCriticalSection
LoadLibraryA
GetACP
HeapFree
CreateEventA
GetLastError
QueryDosDeviceW
GetStartupInfoW
WaitForSingleObject
GetFileSize
CompareStringA

shimeng

SE_InstallAfterInit
SE_IsShimDll

user32

ChangeMenuA
DispatchMessageW
wsprintfA
IsCharUpperA
InsertMenuA
CharToOemA
DrawTextW
LoadBitmapA
GetKeyNameTextA
LoadImageA
DrawEdge

Sections

.text
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 664B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ