8054943c92a7ccd2e233a75726e8ba8b4fe8aa4c358f8ad5aaf1823137df6b27 | Triage

Sharing

General

Target

8054943c92a7ccd2e233a75726e8ba8b4fe8aa4c358f8ad5aaf1823137df6b27
Size

13KB
MD5

3c41f32558aff9d51120949c07369030
SHA1

569f27fb9b60cbe1823591470ac39e3b41170148
SHA256

8054943c92a7ccd2e233a75726e8ba8b4fe8aa4c358f8ad5aaf1823137df6b27
SHA512

14954c887d74b9d534b92eecc8dd9f7ba659bf75fbfed8c4c4fdc0c429260eabd92c8cb4715f6426e17db05cb64794ba99a8f4d686f7d71a986a14bf716ec89f
SSDEEP

384:vlz+vvPVMQN+KZV6Xkqxo939skb5idhgNjL2MlAW/J6:KVMQEO6Xkqxo9tVb5cgNj6Mly

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8054943c92a7ccd2e233a75726e8ba8b4fe8aa4c358f8ad5aaf1823137df6b27

Files

8054943c92a7ccd2e233a75726e8ba8b4fe8aa4c358f8ad5aaf1823137df6b27
.exe windows:5 windows x86 arch:x86

30c25ab7476a2655ae9383ba2f9463ed

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

advapi32

RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegDeleteKeyA
RegCloseKey

kernel32

lstrcmpiA
lstrlenA
GetPrivateProfileStringA
lstrcpyA
GetFileAttributesA
GetModuleFileNameA
CopyFileA
GetWindowsDirectoryA
lstrcatA
DeleteFileA
SetFileAttributesA
FreeLibrary
GetProcAddress
LoadLibraryA
GetVersionExA
GetExitCodeProcess
ExitProcess
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
ReleaseMutex
GetLastError
CreateMutexA

user32

MessageBoxA
CharNextA
FindWindowA
PostQuitMessage
GetWindow
wsprintfA
PostMessageA
DefWindowProcA
TranslateMessage
PeekMessageA
MsgWaitForMultipleObjects
CreateWindowExA
RegisterClassA
LoadCursorA
LoadStringA
DispatchMessageA

shell32

ShellExecuteExA

Sections

.text
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ