5e70958862a38aa90ff6a0402938b187faa991d2740b886322f8fc1b8cda0c9f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5e70958862a38aa90ff6a0402938b187faa991d2740b886322f8fc1b8cda0c9f
Size

120KB
MD5

d850de412afb627334677014ea329347
SHA1

cbaf65de00d02d6c35c78c36c649abe64e0c7777
SHA256

5e70958862a38aa90ff6a0402938b187faa991d2740b886322f8fc1b8cda0c9f
SHA512

594304b68e86338402d1cb501bbd8f010674370e3ade2834d1a538ade1e509be632ed41012fd93f229c10a6828c929708ca302c90ce9c96a2d70706988fb8536
SSDEEP

3072:RsMv02BnQlUS7M9Hmw56S323j5ay7/tDrbe:KMs2BnQOS7M9Gw4W23j5JZDr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e70958862a38aa90ff6a0402938b187faa991d2740b886322f8fc1b8cda0c9f

Files

5e70958862a38aa90ff6a0402938b187faa991d2740b886322f8fc1b8cda0c9f
.dll windows:4 windows x86 arch:x86

0f44bf2b3b0b8d5ecae5689ff1d0e90d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
GetTickCount
lstrcpyA
lstrcatA
lstrlenA
GetTempPathA
SetErrorMode

user32

wsprintfA

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 376B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ